The US National Illicit Finance Strategy – I Read It. Carefully.
Jim Richards – May 21, 2024
—
Sorry, Treasury, some of us actually read what you wrote. Section 6101 of the AML Act of 2020 doesn’t require a proposed rule, it requires a final rule. And the DOJ shouldn’t claim “significant progress” when it has yet to provide the annual reports that section 6201 requires.
2024 National Strategy for Combating Terrorist & Other Illicit Financing
On May 16, 2024, the Treasury Department published its 2024 Illicit Finance Strategy. Published every two years, these strategy documents set out the U.S. Federal government’s goals, priorities, and supporting actions to address the threats and vulnerabilities posed by terrorist and other illicit financial activity. For each supporting action, the strategy includes “benchmarks for progress” to be met by the next bi-annual strategy.
The 2024 strategy laid out three goals and the four priorities with fifteen supporting actions to address the eight threats and ten vulnerabilities.
The Strategy document is a whole-of-Government effort. It is lengthy (50 pages), complex, and comprehensive in its coverage of the threats and vulnerabilities, what the Government is doing to address those threats and vulnerabilities, and how the Government will benchmark its progress. It is an impressive document.
But it is the length, density, and complexity of the document that could prevent a reader from identifying issues or concerns with the US government’s strategy, and progress against that strategy. This is important: the private and public sectors are spending tens of billions of dollars fighting financial crime, and those billions must be well spent on actions that provide the most value. And if the Government is asking us to judge its efforts, based on its own benchmarks, then those efforts and benchmarks must be accurate.
—
I’ve found two examples of possibly inaccurate efforts and benchmarks:
Priority II, Supporting Action 6: Enhance Risk-Focused Supervision and Enforcement
At page 16 of the Strategy:
“… as required by section 6101 of the AML Act, FinCEN intends to issue an NPRM to revise AML program requirements for all financial institutions, which will further incorporate the risk-based approach into the United States’ AML/CFT regime. The Federal functional regulators intend to conform their BSA/AML program requirements simultaneously with FinCEN’s proposed updates. At the same time, FinCEN will continue working with the Federal functional regulators to develop and implement annual Federal examiner AML training required under AML Act section 6307. Treasury and the federal functional regulators continue to advance these and other potential changes to enhance the AML/CFT regulatory and examination framework.”
And the 2026 “benchmark for progress” for this supporting action is “issue the NPRM required by AML Act section 6101 to propose updates to the AML program rule requirements to require effective, risk-based, and reasonably designed AML/CFT programs.”
But there is a problem with this requirement and the benchmark.
—
Section 6101 of the AML Act of 2020 required a final rule by December 2021
Section 6101, titled “Establishment of national exam and supervision priorities”, amended two key sections of (what we call) the Bank Secrecy Act: section 5311, the declaration of purpose, and section 5318(h), the AML program requirements. Section 6101 added paragraph 5318(h)(4), which called for the establishment and publication of national priorities every four years, beginning no later than 180 days after the passage of the AML Act (which turned out to be June 30, 2021), and, not later than 180 days after that date, the Secretary of the Treasury, acting through the Director of FinCEN “shall, as appropriate, promulgate regulations to carry out” this paragraph.
Why were regulations needed to carry out this paragraph? The paragraph also included a “supervision and examination” clause: financial institutions’ incorporation of those priorities, as appropriate, into their risk-based programs “shall be included as a measure on which that institution is supervised and examined”.
Very simply, section 6101 called for (1) the establishment of national exam and supervision priorities; (2) financial institutions incorporating those priorities into their AML/CFT programs; (3) federal regulators supervising and examining those institutions on whether and how they incorporated the priorities into their programs; and (4) Treasury, through FinCEN, to publish the rules (regulations) needed for all of that to happen.
And section 6101 provided a timeline: priorities within 180 days of the passage of the AML Act; and a rule or rules within 180 days of the publication of the priorities.
The priorities were published June 30, 2021, so, under section 5318(h)(4)(D), FinCEN was required to publish a final rule by December 29, 2021.
—
It is May 21, 2024 and FinCEN has not yet published a proposed rule, let alone a final rule.
Section 6101 required a final rule to be published by the end of December 2021. So when Treasury writes in its May 2024 Strategy that it intends to issue a proposed rule (an NPRM or Notice of Proposed Rule Making) “as required by section 6101 of the AML Act”, and gives itself a benchmark of 2026 to do so, it is both misstating section 6101 and setting a benchmark that is as much as five years longer than Congress envisioned.
In fairness to Treasury, it has assessed its progress as “limited”:
—
Priority III, Supporting Action 8: “Regularly Update and Communicate Illicit Finance Risks and AML/CFT Priorities”
Treasury has concluded that it has made “significant progress” in meeting its obligations towards this supporting action.
Let’s look at what went into this action and Treasury’s conclusion that it has made significant progress.
At page 19 of the Strategy, Treasury writes:
“Department of Justice continues to provide, as required under AML Act Section 6201, annual reports that contain information in the form of statistics, metrics, and other financial intelligence on the use of data derived from financial institutions’ reporting under the BSA. These reports help FinCEN further understand the actionable uses of financial intelligence reported to the U.S. government.
There is a footnote supporting this statement (footnote 44). That footnote cites to a GAO report from August 25, 2022: Government Accountability Office (GAO), Bank Secrecy Act: Action Needed to Improve DOJ Statistics on Use of Reports on Suspicious Financial Transactions.
So the DOJ relied on this August 2022 GAO report to support its conclusion that it “continues to provide, as required under the AML Act Section 6201, annual reports that contain information in the form of statistics, metrics, and other financial intelligence on the use of data derived from financial institutions’ reporting under the BSA.”
—
Except the GAO report said the opposite.
Here’s what the GAO report said:
“The 2021 National Defense Authorization Act (NDAA) [of which the AML Act is a part of] directs the Department of Justice (DOJ) to provide annual statistics, metrics, and other information to the Secretary of the Treasury on agencies’ use of BSA reports, including how often reports contributed to arrests and convictions. But none of the agencies that DOJ contacted, including DOJ component agencies, provided the statistics described in the NDAA. DOJ’s first annual report focused on qualitative information and statistics already available to FinCEN. DOJ stated that agencies faced challenges collecting data that connect their use of BSA reports to case outcomes using current data systems … DOJ’s first annual statistical report on BSA reflected some methodological weaknesses. For example, it did not include data from two agencies that track some uses of BSA reports because DOJ did not have procedures for following up on its data requests. The DOJ office that drafted the report did not collaborate with DOJ’s Chief Information Officer or Statistical Official in the report’s design. By involving the expertise of these DOJ offices in the development of future annual reports, DOJ could better ensure a rigorous methodology for collecting and presenting the report’s required statistics.”
In other words, the DOJ’s first annual report, released to Treasury (not to the public!) in early 2022, failed to provide the information required by section 6201.
—
What about the 2023 report that Justice was required to submit to Treasury? Did that report provide the information required by section 6201?
No.
What about the 2024 report?
Who knows: there is nothing publicly available about whether DOJ has provided Treasury with its 2024 annual report.
—
But the GAO did take a look at DOJ’s 2023 annual report in the GAO’s March 11, 2024 report “Anti-Money Laundering: Better Information Needed on Effectiveness of Federal Efforts”. The fourth of four findings found that the data on outcomes of federal investigations that the DOJ could provide was not sufficient.
This finding was not surprising. The DOJ’s reaction and response to the GAO’s 2022 report was a resounding “meh” and there were no indications DOJ was taking any affirmative steps to satisfy its section 6201 annual reporting requirements.
The 2023 GAO report noted, in footnote 83, that section 6201 of the AML Act requires DOJ to annually produce a report containing statistics, metrics, and other information on the use of data derived from BSA-reported data, including the extent to which arrests and convictions were related to the use of the BSA-reported data.
The GAO noted that there was no common database or methodology to track whole-of-government outcomes in countering illicit finance; and the DOJ’s Fiscal Year 2023 appropriation included a provision for DOJ to establish an interagency working group to track money laundering investigations. However, “as of November 2023, DOJ officials did not have a status update on this provision.”
Without a whole-of-government approach, the GAO looked at what individual federal law enforcement agencies were doing to track outcomes of their illicit finance investigations.
The GAO found that U.S. Attorneys’ Offices charged about 2,100 – 2,500 defendants annually under federal money laundering-related statutes in fiscal years 2018– 2022. About 820 – 1,200 defendants per fiscal year were found guilty in that period. In these cases, federal agencies seized assets valued from $414 million in fiscal year 2018 up to $1.6 billion in fiscal year 2019 and finalized the forfeiture of assets valued from $495 million in fiscal year 2022 to $1.5 billion in fiscal year 2019.
But none of that covered what was required under section 6201 of the AML Act: how did BSA reports impact those investigations, prosecutions, convictions, seizures, and forfeitures? How many BSA reports, and which BSA reports, were used in law enforcement agencies’ illicit finance investigations? Why were they used?
Context is important: over 20 million CTRs and SARs were filed in each of the five years (2018 – 2022) that the GAO considered, and the total amount reported in SARs is approximately $550 billion to $600 billion per year.
What is missing is how many CTRs and SARs were used to charge and convict the roughly 1,000 defendants found guilty of illicit finance charges. Even if 100 SARs are used in each and every one of the 1,000 convictions (100,000 SARs), that means 99.75 percent of SARs are not used.
And the private sector is reporting $600 billion a year in suspicious activity, while the public sector seizes and forfeits about $1 billion a year in criminal proceeds.
Section 6201 was intended to require the DOJ to connect the private sector inputs – BSA reports filed by the private sector – with the public sector outcomes – investigations, prosecutions, convictions, seizures, and forfeitures.
In May 2024 Treasury writes that the DOJ “continues to provide, as required under the AML Act Section 6201, annual reports that contain information in the form of statistics, metrics, and other financial intelligence on the use of data derived from financial institutions’ reporting under the BSA.”
That is false. The DOJ has never provided the annual reports as required under the AML Act Section 6201.
—
Conclusion
Treasury’s 2024 National Illicit Finance Strategy is an impressive, all-of-Government document setting out the threats, vulnerabilities, priorities, goals, supporting actions, and benchmarks for progress in the fight against illicit finance.
This impressive, 50-page report deserved a close reading. And a close reading revealed two areas of concern.
First, given that section 6101 of the AML Act required Treasury to publish a final rule addressing risk-focused supervision and enforcement by the end of 2021, Treasury was remiss in writing that a proposed rule “required by the AML Act Section 6201” would be a “benchmark for progress” by 2026.
Based on my upbringing and experience, if I set a “benchmark for progress” of handing in a draft paper by December 2026 when I knew a final paper had been due by December 2021, I’d expect to be called out for it.
So I’m calling out the DOJ: “no, you were supposed to issue a final rule in 2021! Don’t set a benchmark for progress for a proposed rule by 2026. That’s disingenuous and deceptive.
Second, the Department of Justice has not made “significant progress” in providing, as required under AML Act Section 6201, annual reports that contain information in the form of statistics, metrics, and other financial intelligence on the use of data derived from financial institutions’ reporting under the BSA. And the GAO report the DOJ cites to support its assertion that it “continues to provide such information” actually provides, quite clearly, that the DOJ has never provided such information!
But this isn’t a new issue. The public sectors’ failure to provide information to the private sector has been an issue for over forty years of the AML regime’s fifty-four-year history. In a report issued on June 11, 1986 (yes, 1986), the GAO recommended that Treasury should “obtain information from law enforcement agencies which would identify cases when the BSA and/or its data is used in criminal investigations and prosecutions.”
In passing Section 6201 of the AML Act of 2020, Congress required the Justice Department to annually produce a report containing statistics, metrics, and other information on the use of data derived from BSA-reported data, including the extent to which arrests and convictions were related to the use of the BSA-reported data.
The DOJ’s first two reports did not satisfy Congressional intent. If the third annual report was released to Treasury, there is no indication that it satisfied, or could have satisfied, Congressional intent.
It’s now 2024. It’s been thirty-eight years, and the public sector consumers of BSA reports remains unwilling and unable to provide the private sector producers of BSA reports with information on the use of data derived from BSA-reported data and on the extent to which that data leads to convictions.
—
Jim Richards is a 30-year financial crimes professional offering BSA Officer, director, and senior management support, training, awareness, and crisis management around all risks and threats related to financial crimes. Read more from Jim here.