Good afternoon Chairman Cleaver, ranking member Stivers and distinguished members of the subcommittee. Thank you for holding this hearing and for giving me the opportunity to testify before you today. I applaud the subcommittee for taking a leadership role in promoting and considering legislative enhancements to strengthen the Bank Secrecy Act (BSA). BSA reporting plays an integral role in safeguarding national security and furthering our economic wellbeing. Dating back to my days as a senior executive in law enforcement, and continuing as a private sector consultant, I have had the privilege to experience considerable interaction with congressional members and staff regarding the effectiveness and efficiency of BSA reporting. This is one area in which I have continually witnessed bipartisan consensus regarding considerations to enhance BSA regulations.
You asked me to testify today and comment about three legislative proposals. The first is a discussion draft “to make reforms to the Federal Bank Secrecy Act and anti-money laundering laws, and for other purposes.” The second, the Corporate Transparency Act of 2019, addresses the issue of beneficial ownership. The third, the Kleptocracy Asset Recovery Rewards Act, establishes a rewards program involving foreign corruption cases. You also asked me to provide comments regarding proposed legislative reform. I will do so in reverse order. I would like to start by focusing on the purpose and challenges of Bank Secrecy Act/anti-money laundering (BSA/AML) reporting in order to build on them to enhance the BSA/AML regime.
I have been engaged in the fight against money laundering, fraud, corruption, terrorist financing and other predicate offenses or specified unlawful activity for 46 years. Between my law enforcement experience and my private sector consulting experience and as a subject-matter expert, I have developed a unique perspective regarding the benefits, burdens and challenges of the BSA. Having served for 31 years in the government and 28 years as a special agent in the FBI, I was the direct beneficiary of BSA reporting. Now, having been in the private sector for 15 years working as a consultant and subject-matter expert primarily with the financial services industry, I have become sensitive to the burdens and challenges of BSA reporting encountered by financial institutions. Those burdens and challenges are driven in part by regulatory requirements and expectations, as well as by the lack of consistent feedback mechanisms from law enforcement regarding the value of BSA reporting. Make no mistake, BSA reporting is essential to law enforcement’s ability to defend our national security and the economy from the threats posed by bad actors.
My government investigative and private sector consulting experience has provided me a unique opportunity to understand and appreciate two very distinct perspectives regarding the BSA. Two of the principal stakeholders of the BSA are law enforcement and financial institutions. Putting this in the context of the flow and utilization of financial information, law enforcement is the back-end user and beneficiary of BSA data. Financial institutions serve as the front-end repository and custodian of financial intelligence. Financial institutions also serve the critical function of being the monitor for identifying and reporting suspicious activity and other BSA data to law enforcement. Simply put, law enforcement uses BSA data to predicate or enhance investigations from a tactical standpoint. Law enforcement also uses BSA data for strategic purposes. From a simplistic standpoint, the flow of BSA data that is continuously filtered to law enforcement is invaluable. When you layer the complexities of regulatory compliance requirements and expectations over the monitoring and filtering process financial institutions must follow, the effectiveness and efficiency of BSA reporting from the front-end monitor to the back-end beneficiary becomes flawed.
The BSA/AML environment is fraught with much inefficiency, but the system works. Law enforcement consistently receives valuable intelligence from BSA data. The challenge is that the BSA system can and should be much more effective and efficient. In this regard, I commend the subcommittee for dedicating the time to consider measures to strengthen BSA-related regulations. An informed and thoughtful discussion about various mechanisms to strengthen the BSA/AML environment and to diminish the illicit flow of funds is in our best interests as a nation.
Law enforcement is the most important BSA stakeholder. The BSA was passed in 1970 with the legislative purpose of generating reports and records that would assist law enforcement in following the money and developing prosecutable criminal cases. Since passage of the BSA, additional legislation has periodically been enacted to enhance regulations. Most notably, passage of the USA PATRIOT Act established a host of new measures to prevent, detect and prosecute those involved in money laundering and terrorist financing. Going forward, deliberations to enhance the BSA should focus on systemic vulnerabilities, evolving technology, emerging trends and opportunities to leverage public and private partnerships and information sharing with an eye on continuing to enhance law enforcement’s investigative ability.
As noted in the introduction of the BSA:
“The implementing regulations under the BSA were originally intended to aid investigations into an array of criminal activities, from income tax evasion to money laundering. In recent years, the reports and records prescribed by the BSA have also been utilized as tools for investigating individuals suspected of engaging in illegal drug and terrorist financing activities. Law enforcement agencies have found CTRs (currency transaction reports) to be extremely valuable in tracking the huge amounts of cash generated by individuals and entities for illicit purposes. Suspicious activity reports (SARs) used by financial institutions to report identified or suspected illicit or unusual activities are likewise extremely valuable to law enforcement agencies.”
This statement is a true reflection of BSA reporting. However, there is a troubling backstory about perceived regulatory expectations that have resulted in systemic inefficiencies.
Regardless of the extent or effectiveness of BSA regulations, criminals and terrorists must use the financial system to raise, move, store and spend money in order to sustain their illicit operations and enterprises. The reality is that no matter how robust an anti-money laundering (AML) program is, it cannot detect all suspicious activity. The BSA standard is that financial institutions maintain AML programs that are reasonably designed to detect and report suspicious activity. One of the regulatory challenges confronting financial institutions today is the following question: What constitutes a reasonably designed AML program? Regulatory expectations, either real or perceived, have caused financial institutions to lose sight of the purpose of BSA reporting and have consequently led to many of the systemic inefficiencies of BSA reporting.
In using the financial system, criminals and terrorists are confronted with distinct contrasts. On one hand, the financial system serves as a facilitation tool enabling bad actors to have continuous access to funding. On the other hand, the financial system serves as a detection mechanism. Illicit funds can be identified and interdicted through monitoring and investigation. Financing is the lifeblood of criminal and terrorist organizations. At the same time, financing is one of their major vulnerabilities. At the basic core level of the front-end and back-end data process flow, BSA reporting works and is more apt to serve as the intended detection mechanism. The more convoluted and distracting the regulatory process becomes, the greater the likelihood that the financial system serves as a facilitation tool for criminals and terrorists.
In the aftermath of the terrorist attacks of 9/11, as a senior executive in the FBI, I testified before the U.S. House Committee on Financial Services on October 3, 2001. One of the issues I was asked to address was what the FBI considered as vulnerable or high-risk areas in the financial services sector. I testified that wire transfers, correspondent banking, fraud and money services businesses were the biggest areas of vulnerability to the financial services industry at that time. As a consultant, I testified at a hearing before the House Committee on Homeland Security, Subcommittee on Counterterrorism and Intelligence on May 18, 2012. During that testimony, I repeated and refined my October 3, 2001 testimony about the vulnerabilities of wire transfers, correspondent banking, fraud and money laundering. The refinement I made was that I placed the vulnerabilities into two categories: crime problems and facilitation tools. I stated that the most significant crime problems we then faced were fraud and money laundering. I identified the key facilitation tools used in furtherance of fraud and money laundering as wire transfers, correspondent banking, illegal money remitters, shell companies and electronic mechanisms.
Today, March 13, 2019, I believe the most significant crime problems we face continue to be fraud and money laundering. Most if not all other predicate offenses or specified unlawful activities contain elements of fraud and require money laundering. The key facilitation tools used in furtherance of fraud and money laundering continue to include wire transfers, correspondent banking, illegal money remitters (informal value transfer systems), shell companies (beneficial ownership) and electronic mechanisms. I find it quite striking and troubling that the same vulnerabilities we face today regarding our financial services industry are the same vulnerabilities we faced in October 2001.
Regarding the BSA, it is important that all stakeholders be engaged in the discussion and deliberation to improve the effectiveness and efficiency of BSA reporting and enforcement. More importantly, all stakeholders should be involved in breaking down real or perceived regulatory impediments. In each of our areas of responsibility, all BSA stakeholders should strive to exploit the financial vulnerability of criminals and terrorists by ensuring the financial system serves as a detection mechanism disrupting illicit funding flows. Although the BSA system works, it is flawed and lacks the effectiveness and efficiency it was intended to achieve.
The starting point toward improving the effectiveness and efficiency of BSA reporting is to improve the current system through building meaningful and sustainable public and private sector partnerships beginning with BSA stakeholders and including the financial services industry, regulators, policy makers, sanctioning authorities, intelligence experts, law enforcement, legislatures and other stakeholders. We need to start by improving the efficiencies of our current system by breaking down impediments. We then need to determine what enhancements to regulations should be considered.
Building meaningful and sustainable partnerships begins with understanding perspectives. Each stakeholder partner possesses a perspective based on their professional responsibilities and experience. Each of our perspectives will be somewhat unique. Understanding and blending the perspectives of our partners will enable us to establish a middle ground to improve or build efficiencies upon. As this process evolves, we can leverage the capabilities and capacity of our partners. This type of evolution sets the stage for developing innovative ideas and proactive measures.
One of the inherent disadvantages we have in our financial system and AML environment is that we are reactive. Criminals and terrorists have the advantage of being proactive. Our ability to add innovative ideas and proactive measures to an otherwise reactive system can achieve impactful investigative results. In fact, there have been recurring innovative and proactive law enforcement investigations. I speak from firsthand experience when I talk about developing proactive techniques. I can point to specific proactive law enforcement initiatives following 9/11 that were the direct result of innovative public and private sector partnerships. My emphasis here is we can be innovative within the current framework. We can also improve the current landscape through enhancements to encourage and/or incentivize innovation. For example, financial institutions conduct baseline transaction monitoring to alert to anomalies that can lead to identification of suspicious activity. By developing rule sets and scenarios that are targeted to specific transactions or financial activity, we are more likely to identify specific or targeted suspicious activity regarding specific crime problems, such as human trafficking. Financial institutions are reluctant to employ targeted monitoring initiatives because of concern for the potential regulatory expectations or other perceived impediments such innovative thinking could incur.
As an extension of public and private partnerships, we should consider how to improve information sharing. The USA PATRIOT Act provided us with information sharing vehicles, such as Section 314(a) where financial institutions can share financial information with law enforcement and Section 314(b) where financial institutions can share information with each other. Efforts should be made to enhance Section 314 information sharing in the current environment. In addition, any proposed enhancements to the BSA should consider additional information sharing mechanisms. The more we can do to enhance information sharing, the more meaningful information will be for law enforcement and the more detrimental to criminals and terrorists. During their plenary session in June 2017, the Financial Action Task Force stressed the importance of information sharing to effectively address terrorist financing. I have always been a huge proponent of information sharing to the extent legally allowable.
Throughout my career, I have worked closely with financial institution AML and fraud compliance professionals. I have the utmost respect for their dedication and commitment to protecting the integrity of their financial institutions and for identifying the misuse of the financial system by bad actors. Next to my former law enforcement colleagues, I hold my friends in AML and fraud compliance in the highest regard. It is important to note that the BSA shortcomings we face are systemic problems caused by multiple factors and not by groups of individuals.
The most important BSA report is a SAR. In most instances, the biggest regulatory compliance breakdown resulting in some sort of enforcement or regulatory action is the failure to file SARs or to adequately file SARs. I cannot underscore enough that law enforcement is the direct beneficiary of SARs. Regardless of systemic inefficiencies, law enforcement consistently benefits from SAR filings. SARs are used tactically to predicate and/or enhance criminal investigations. SARs are also used strategically for analytical purposes. When attempting to measure effectiveness and efficiency of SAR filings, we cannot solely rely on the percentage of SARs filed versus the number of SARs used to predicate or enhance an investigation. We must also factor in how SARs are used strategically for trend analysis and analytical purposes. Finding accurate metrics to determine the effectiveness and efficiency of SAR filings is extremely difficult.
When I was in law enforcement, I used SARs for both strategic and tactical purposes. When I was chief of the Terrorist Financing Operations Section (TFOS) at the FBI, we established a financial intelligence unit. I wanted to know on a recurring basis what were the emerging threat trends, as well as emerging crime problems. SARs were one of the data sets we used for such trend analysis. We also used SARs for tactical purposes in furtherance of investigations. We used financial intelligence, some of which was derived from BSA data, to include SARs and CTRs, for tactical proactive investigations and for tactical reactive or more traditional “books and records” “follow the money” investigations. We used data-mining technology for both strategic and tactical initiatives. I believe that the FBI continues to use BSA data for strategic and tactical investigative purposes.
Following my retirement from the FBI and as I have gained more of a financial institution perspective and based on my experience as a consultant, I have become more sensitive to the perceived lack of feedback to financial institutions from the Financial Crimes Enforcement Network (FinCEN) and law enforcement regarding the value of SARs and how SARs should be written to get law enforcements attention. FinCEN has done a good job of discussing the value of SARs in their SAR Activity Review publications. In recent years, FinCEN has recognized financial institution personnel as the front-end provider and law enforcement agents as the back-end consumer for outstanding investigations involving BSA data.
The law enforcement utilization of SARs, as I have described how I used SARs as an FBI executive, was more at a program level than at the grassroots investigations level. At the program level, there is a greater use of data mining and advanced analytics. At the grassroots field level, SARs are dealt with more in the form of individual manual reviews where each SAR is physically reviewed. For example, every U.S. attorney’s office has a SAR review team. Even though the SAR review teams use excel spreadsheets and other analytics, they review SARs by hand. The reason this is important for the committee is that at the program level, I was more inclined to want to see more SARs filed. For our data-mining purpose, more was better. At the grassroots level, SAR review teams would prefer to see less numbers of SARs filed. In this context, less is better. As a field agent and middle manager, I reviewed SARs manually, and I understand the grassroots perspective as well as the program perspective. Therefore, it is incumbent that as the committee proceeds, you speak to a variety of law enforcement stakeholders to gain the best context available.
One of the most important issues where law enforcement should be the primary stakeholder to potential legislation is the issue of CTR- and SAR-reporting thresholds. Since SARs were first implemented, the reporting thresholds have been the same. Periodically, banking associations and financial institutions have recommended that reporting thresholds be adjusted to account for inflation. I strongly believe that CTR- and SAR-reporting thresholds should remain as they are. Law enforcement would lose valuable financial intelligence if thresholds are raised. This is especially true for terrorist financing, where our primary threat is from homegrown violent extremists involved in more minimal financial flows.
As I have stated, at the core level, the flow of BSA data from the front-end provider (financial institutions) to the back-end consumer (law enforcement) is good. When financial institutions can be proactive and more targeted in their monitoring and reporting, the BSA data they provide is more effective and efficient. When the data flow becomes convoluted and more constrained, the system becomes more flawed, ineffective and inefficient.
When considering new legislation or enhancements to current legislation, we need to assess the theoretical and practical applications of the law. This is where understanding stakeholder perspective can be important. What needs to be remembered and consistently applied is that BSA reporting requirements are intended to provide law enforcement with information to support investigations. Either real or perceived, financial institutions are frequently frustrated by the difference between regulatory requirements and regulatory expectations. The difference between required and expected can impede the practical application of providing law enforcement with information in order to satisfy perceived regulatory expectations.
It is interesting that two of the bills under consideration by the subcommittee deal with kleptocracy and beneficial ownership. Kleptocracy is a form of public corruption where political leaders embezzle or misappropriate state funds. Frequently, they do so through gatekeepers and shell companies by disguising their beneficial ownership of the ill-gotten gains.
Kleptocracy Recovery Reward Act
Kleptocracy is a serious problem that undermines the stability of victim countries. The FBI recently announced the formation of a fourth international corruption squad to address the national impact of foreign bribery, kleptocracy and international anti-trust schemes. Squads are based in Los Angeles, Miami, New York and Washington, D.C. Frequently, kleptocrats rely on gatekeepers and shell or front companies to move and hide their plunder.
According to the FBI, among the most challenging money laundering investigations are those targeting gatekeepers, which may include bankers, brokerage houses, trust companies, attorneys, accountants, money managers, notaries or real estate agents. The FBI’s international corruption squads investigate these international business people who provide professional services to illicit actors wishing to disguise the source or nature of the money. The Kleptocracy Asset Recovery Reward Act is a good bill. It would serve as a viable tool for law enforcement to develop evidence for prosecution, as well as identify, recover and repatriate stolen funds to victim countries.
Corporate Transparency Act of 2019
As a former law enforcement executive, I have been advocating beneficial ownership legislation since 2012. Beneficial ownership through shell companies has been a series vulnerability to our financial system and an impediment for law enforcement for much too long. I encountered my first case involving money laundering in 1975, as a revenue agent in the IRS working with the Organized Crime Strike Force in Newark, New Jersey.
One facilitation tool that consistently garners congressional attention is the issue of beneficial ownership. Year after year, potential bills are introduced regarding beneficial ownership. I strongly encourage the subcommittee to support this beneficial ownership legislation as an enhancement to the BSA. Throughout my law enforcement career, I dealt with the challenge of shell companies and identifying true beneficial owners.
I believe that the best case scenario would be to collect beneficial ownership at the point of incorporation by the secretaries of state. Secretaries of state have consistently been resistant to this. A good case alternative is presented in this legislation. We need to have a central repository for beneficial ownership. FinCEN is the best alternative available for collection of beneficial ownership information. As with BSA data, FinCEN will be a viable conduit for law enforcement for obtaining beneficial ownership information. By collecting beneficial ownership information, and making it available to law enforcement, valuable investigative time will be saved.
On May 11, 2016, FinCEN issued Customer Due Diligence Requirements for Financial Institutions (the CDD Final Rule). The Rule went into effect in May 2018. The Rule strengthens existing customer due diligence (CDD) requirements and requires banks to identify and verify the beneficial owners of legal entity customers. From a practical perspective, with FinCEN collecting beneficial ownership information, the burden of the CDD requirements on financial institutions would be lessened, especially if FinCEN establishes an identification verification mechanism.
I firmly believe that beneficial ownership legislation is necessary and long overdue. My only concerns about this legislation are the potential differences or inconsistencies between information provided to secretaries of state at point of incorporation and information provided to FinCEN at point of registration. In addition, from a practical perspective, I am concerned about FinCEN’s capacity to collect and disseminate beneficial ownership information in an effective and efficient manner.
Discussion Draft to Reform BSA/AML Laws
I believe the discussion draft sets the foundation for meaningful enhancements to BSA/AML legislation. Again, I would like to commend the subcommittee for your leadership role in considering legislative measures to enhance the BSA. Two important themes that resonate throughout the draft are information sharing and partnerships. Throughout my career I have been a strong advocate for sharing information and for establishing public-public and public-private partnerships. Meaningful partnerships lead to proactive and innovative initiatives. Without question, the more we can do to establish practical and sustainable information sharing mechanisms and viable partnerships, the more effective and efficient BSA reporting will become. Going back to considering financial institutions as being facilitation tools or detection mechanisms for fraud, money laundering and other predicate offenses, the end result of more effective and efficient BSA reporting is minimizing facilitation and maximizing detection.
I would like to offer some observations about select provisions in the draft discussion:
Sections 103 and 104 Regarding Civil Liberties
As an FBI agent, I took an oath to uphold the Constitution and protect civil liberties. Any BSA/AML enhancements, particularly where law enforcement gains authority, must ensure we protect civil liberties.
Section 109 FinCEN Exchange
In theory, the FinCEN Exchange is a good idea. Facilitating the public-private sharing of information between financial institutions and law enforcement is extremely important and valuable. From a practical perspective, FinCEN is not a law enforcement agency; and this type of public-private partnership may be better served directly between financial institutions and law enforcement. There are examples of very productive law-enforcement-led working groups with financial institutions that facilitate productive information sharing.
Section 111 De-Risking Report
There are adverse consequences for de-risking. De-risking is a concern and challenge for law enforcement. When individuals and/or entities are de-risked, the prospect of them going underground and losing transparency is problematic. It should be pointed out that a cause for de-risking is the result of regulatory expectations versus regulatory requirements. Real or perceived, financial institutions are influenced by how they believe the regulators view their risk management and determinations of what presents risk.
Section 201 Sharing of Suspicious Activity Reports Within Financial Groups
Permitting financial institutions to share SAR information as articulated in the section would ultimately be beneficial to law enforcement.
Section 202 Training for Examiners on AML/CTF
Training examiners for anti-money laundering/counter-terrorist financing (AML/CTF) is a good idea. I believe this training should go beyond AML/CTF to include perspective training. What I mean by perspective training is that examiners may not know how financial institution employees think or operate. Bank operational training should be required in addition to AML/CTF training. Terrorist financing is extremely difficult to identify. From a practical perspective, it is extremely difficult for anyone to understand or identify terrorist financing.
Section 203 Sharing of Compliance Resources
Sharing resources, especially by smaller financial institutions, would have a tremendous cost benefit and could enhance the effectiveness and efficiency of BSA reporting.
Section 206 Section 314(a) Improvements and Section 207 Sharing of Threat Pattern and Trend Information
Information sharing through Section 314 is extremely important. Any enhancements to improve information sharing would result in more effective, efficient and qualitative BSA reporting. In Section 206, from a practical perspective, it would be challenging to maintain current law enforcement points of contact. However, it would be a worthwhile effort. In Section 207, sharing typologies on emerging money laundering and counter-terrorist financing threat patterns and trends would be extremely beneficial. One model for this type of information sharing exists on a small scale. The FBI’s TFOS had an outstanding bank security advisory group where typologies were shared and acted upon. There are other examples of similar working groups, especially in the area of human trafficking.
Section 214 Application of Bank Secrecy Act to Dealers in Arts and Antiquities
Arts and antiquities have, for a long time, quietly been a mechanism for hiding ill-gotten gains and serving as a money laundering tool. This was never more evident than with the theft and black market sales of art and antiquities from Iraq and Syria by the Islamic State to help support their terrorist organization.
Beyond arts and antiquities, exemptions from BSA/AML requirements should be lifted from non-bank financial institutions to include persons involved in real estate closings and settlements and sellers of vehicles, including automobiles, airplanes and boats.
In addition to arts and antiquity dealers, consideration should be given to include gatekeepers, especially formation agents, who form corporations and trusts.
Section 215 Revision to Geographic Targeting Order
Geographic targeting orders referred to for real estate should be expanded. It should apply nationwide and consideration should be given to making it permanent.
Section 301 Encouraging Innovation in BSA Compliance
Innovation is extremely important and should be broadly encouraged.
Once again, I thank the subcommittee for the opportunity to testify. I look forward to answering your questions or providing further clarification.
Dennis M. Lormel, president and CEO of DML Associates, LLC, delivered this testimony before the U.S. House of Representatives Committee on Financial Services, Subcommittee on National Security, International Development, and Monetary Policy at the hearing “Promoting Corporate Transparency: Examining Legislative Proposals to Detect and Deter Financial Crimes” on March 13, 2019.