In this video, Adam talks about SAR confidentiality and how it applies to the bank and its directors.  He even talks about how FinCEN sent a warning to directors and their attorneys reminding them of confidentiality of SARs. 

Video Transcript

The following is a transcript of this video.

Today's Compliance Clip will focus on board confidentiality of Suspicious Activity Reports.

The requirement under the Bank Secrecy Act is that financial institutions must notify the board of directors or a committee of the board that SARs have been filed. They must be reported at the next regular meeting, which is usually the best practice, or at a convenient time. And the rule permits full copies of SARs to be provided to the board of directors and so financial institutions do that.

The confidentiality requirement of the Bank Secrecy Act says that no bank employee may notify any person involved in a SAR that a SAR has been reported. FinCEN takes the position that a bank's internal controls for the filing of SARs should minimize the risk of disclosure. Basically, you need to figure out a way to file SARs without letting too many people know.

The rule does go on and say that SARs may be revealed to fulfill responsibilities consistent with the bank secrecy act, meaning that you can reveal SARS information to your board because you have a requirement to report to your board of directors each SAR that was filed.

That said, there's been a problem over the years with reporting full SARS Information to the board of directors. Specifically, what the problem has been was recognized in the Financial Institution Notice or FIN 2012-A002. This is guidance provided by FinCEN who manages the Bank Secrecy Act for financial institutions and in this guidance, it discussed the increasing evidence of inappropriate SAR disclosure by banks specifically by the directors and their attorneys. It was a reminder directed at directors and attorneys, reminding them of the requirements of SAR confidentiality.

It basically said they've been receiving subpoenas for SARs that nobody should know even exist. That is a problem. And what I have seen over the years is that most financial institutions, especially community banks, have directors who are not bankers. The directors may be CPAs, they may be attorneys, but a lot of directors are business owners in industries that do not have the same confidentiality requirements as financial institutions. And because of that, directors don't always fully realize how important and imperative it is for SAR confidentiality. Therefore, the best practice in reporting SARs to the board of directors is to only provide summaries of the SAR to the board of directors.

For example, you could say something like “four SARs were filed for possible structuring and one was filed for potential kiting” and you would do this instead of providing five full copies of SARs. A narrative that short is considered appropriate especially for most community banks and credit unions who would be watching this clip.

That is our topic for today in our Compliance clip.