What is the Bank Secrecy Act and How to Comply
The Bank Secrecy Act (BSA) is an anti-money laundering (AML) US law applicable to financial institutions. It aims to deter money laundering banking activities abroad by ensuring financial institutions maintain an audit trail. The law achieves this aim by regulating recordkeeping and reporting requirements for financial institutions.
Part of our series of articles about AML compliance.
In this article:
- Bank Secrecy Act History
- Who Enforces BSA Compliance?
- How the Bank Secrecy Act Works
- Bank Secrecy Act Compliance Requirements
Bank Secrecy Act History
The US Congress passed the BSA, and President Nixon signed it in 1970. However, it faced some controversy, with several organizations claiming that it violated constitutional rights such as the Fourth Amendment (unwarranted search and seizure) and Fifth Amendment (due process).
In 1974, the Supreme Court reviewed the California Bankers Association vs. Shultz (416 US 21) case and upheld the lawfulness of the Act. However, implementation of the BSA was slow to take off until financial institutions began to comply with its requirements in the 1080s.
Since then, the BCA has undergone several amendments. For example, the 2001 Patriot Act included provisions (Title III) requiring financial institutions to implement anti-money laundering (AML) processes. As a result, in addition to the established BSA requirements, organizations must now establish internal AML policies and controls, train their employees, appoint compliance officers, and support independent audits to test their procedures and ensure compliance.
Related content: Read our guide to AML in banking
Who Enforces BSA Compliance?
To support BSA AML compliance and ensure financial institutions are accountable, in 1990, the United States Department initiated the Financial Crimes Enforcement Network (FinCEN).
FinCEN aims to secure the financial systems from the damages of financial crime, including money laundering, terrorist financing, and other illegal activity. This mission permits it to administer, implement, and enforce BSA AML compliance.
Here are three central AML requirements of the BSA. FinCEN ensures banks adhere to these requirements:
- Use the Currency Transaction Report to document cash transactions of more than $10,000
- Correctly identify individuals conducting transactions.
- Keep relevant documents of financial transactions to retain an accurate paper trail.
How the Bank Secrecy Act Works
The BCA only applies to transactions over $10,000, but not all such transactions require documentation. In addition, the law includes exceptions for transactions that do not require additional scrutiny. For example, companies listed on the major exchanges in the US and Government agencies are exempt.
The Internal Revenue Service (IRS) says that businesses must file Form 8300 when they receive large amounts of cash (over $10,000) from a single individual. This rule applies to multiple related transactions in addition to single, large transactions. It may affect individuals, companies, associations, trusts, or estates.
The Form 8300 requirement applies to cash transactions within the US (including its territories and possessions). The responsible business or individual must file the form within 15 days of the transaction.
The Comptroller of the Currency is responsible for examining institutions such as banks and savings associations to ensure they comply with the BSA. As a result, the BSA can help counter criminal activities, but it has also attracted criticism for inadequately defining suspicious transactions. In addition, the guidelines for assessing risk are few, and authorities can access business data without obtaining a court order.
Bank Secrecy Act Compliance Requirements
AML Compliance Program
The BSA states that financial institutions must create an anti-money laundering (AML) initiative. A successful BSA-AML compliance initiative must meet the specific requirements of the relevant financial institution, including its unique risk profile.
Here are the principal components of an AML compliance program:
- Internal systems and controls—should build an AML program around written procedures and policies to help employees identify and monitor financial crime and money laundering activities.
- Compliance officer—an employee must be appointed to manage the creation and implementation of their organization's program. The compliance officer must provide oversight for internal controls and arrange independent examinations and audits of their organization's AML compliance initiative.
- BSA training—organizations must offer all employees fundamental training in BSA-AML compliance. Employees with more responsibility could require advanced certification or training.
- Independent audits—organizations must create a consistent plan for independent audits to assess the ongoing success of an AML program. Professional third parties should carry out audits.
Reporting and Record-Keeping
- Currency Transaction Reports (CTR)—if a cash transaction of more than $10,000 occurs, an individual must file a transaction report. However, this only relates to the physical exchange of money (paper or cash) between individuals.
- Form 8300—some businesses that get more than $10,000 in cash in one transaction or several related transactions within 24 hours must file Form 8300. These businesses include art galleries, car dealerships, and insurance firms.
- Suspicious Activity Reports (SAR)—a transaction related to suspected BSA violations or terrorist financing activities that collects more than $5,000 goes into a suspicious activity report. You can file such a report voluntarily if the threshold is below $5,000.
- Foreign Bank and Financial Account Report (FBAR)—if individuals have foreign bank accounts of $10,000 or more, they should submit an annual filing requirement, the FBAR, using a financial professional or by themselves. Financial professionals should register to complete the FBAR as an institution.
Most FinCEN reports are online using the BSA e-filing system. However, organizations should apply FinCEN for approval before filing electronically.
Financial institutions should document suspicious behaviors. For example, they should retain logs of purchases of monetary instruments (including bank checks, travelers, and cashiers) between $3,000-$10,000. The log must verify and record purchasers' identities and specify the sum of their transactions. They should do this as well as BSA filing requirements.
BlueCheck KYC and AML Identity Verification
BlueCheck helps financial institutions conduct KYC checks, including identity and age verification, to meet anti-money laundering regulations. Key features include:
- Multiple datasets to confirm information—a combination of proprietary and commercially available databases to verify the information. BlueCheck can increase the likelihood of a successful verification using this combination of resources, streamlining the onboarding process.
- Smart Database Navigation—BlueCheck can automatically verify most customers using smart database navigation. Queries move through the most accurate databases commercially available to ensure a match.
- Quick Implementation—Using our DirectAPI or CustomJS framework, BlueCheck Identity Verification can deploy quickly, saving your business time and money.
- Set How Users Are Verified—BlueCheck offers a host of verification methods giving users a choice and alternatives when identifying themselves. For example, allow for name & address, last 4 of SSN, or Photo ID verification.
- Encryption & Security Standards—BlueCheck utilizes multi-layer data encryption to ensure data is securely transmitted and stored, protect against malicious actors, and safeguard the verification process.
- Developer & API Documentation—thoroughly documented REST API available in addition to the verification plugin.