1557-0180

Download: doc | pdf

Supporting Statement

OMB Control Number 1557-0180

(MA)-Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance Program – 12 CFR 21

A. Justification.

1. Circumstances that make the collection necessary:

Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4): Under §§ 21.2 and 21.4, a national bank is required to designate a security officer who must develop and administer a written security program. The security officer shall report at least annually to the bank’s board of directors on the effectiveness of the security program. The substance of the report shall be reflected in the Board’s minutes. These requirements ensure that the security officer is responsible for the security program and that bank management and the board of directors are aware of the content and effectiveness of the program. These requirements ensure prudent bank management and bank safety and soundness.

SAR (12 CFR 21.11): The Financial Crimes Enforcement Network (FinCEN) and Federal financial institution supervisory agencies¹ (bank regulators) adopted the SAR in 1996 to simplify the process through which depository institutions (banks) inform their regulators and law enforcement about suspected criminal activity. The SAR was updated in 1999, 2002, and 2006. FinCEN and the bank regulators are once again revising the SAR to enhance the clarity of the instructions to allow for joint filing of SARs, and to improve the usefulness of the SAR to law enforcement.

In 1992, the Department of the Treasury was granted broad authority to require suspicious transaction reporting under the Bank Secrecy Act. See 31 U.S.C. 5318(g). FinCEN, which has been delegated authority to administer the Bank Secrecy Act, joined with the bank regulators in 1996 in requiring, on a consolidated form (the SAR form), reports of suspicious transactions. See 31 CFR 103.18(a). The filing of SARs is necessary to prevent and detect crimes involving bank funds, bank insiders, criminal transactions, and money laundering. These requirements are necessary to ensure bank safety and soundness.

Banks are required to maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years. The documents are necessary for criminal investigations and prosecutions.

Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21): Under 12 CFR 21.21, national banks are required to develop and provide for the continued administration of a program reasonably designed to assure and monitor their compliance with the Bank Secrecy Act (BSA) and Treasury regulations at 12 CFR Part 31. The compliance program shall be reduced to writing, approved by the board of directors and noted in the minutes. These requirements are necessary to ensure bank compliance with the BSA and 12 CFR Part 31.

2. Use of the information:

Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4): The OCC uses the information to ensure that national banks carefully review the effectiveness of their security systems and comply with Federal law. The information collection ensures that national banks conduct their activities in accordance with safe and sound principles. A national bank’s board of directors uses the information to ensure that the bank’s security system is adequate.

SAR and Retention of Records (12 CFR 21.11): The OCC uses the SAR and the supporting documentation retained by national banks for supervisory purposes. The information collection identifies suspicious transactions that could pose a threat to national banks.

FinCEN and the Internal Revenue Detroit Computing Center (DCC) operate the computer system containing the information collected from banks. FinCEN and DCC provide on-line access to the information to representatives of bank regulators and appropriate law enforcement agencies.

Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21): National banks use the compliance program to ensure compliance with the Bank Secrecy Act. Bank examiners review the written procedures and board approval in the examination process.

3. Consideration of the use of improved information technology:

Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4): This is an internal bank record. Banks may use any technology that permits review by OCC examiners.

SAR (12 CFR 21.11): -- The SAR system uses improved information technology to reduce burden on banks. Whereas banks previously filed multiple copies of different forms with their primary regulators, U.S. Attorneys’ offices, the FBI, and other law enforcement agencies, as necessary, they are now able to file one, consolidated form online with FinCEN through the BSA Direct E-Filing System. By offering on-line access to appropriate users, FinCEN has eliminated the need for multiple filings. Because the various forms have been consolidated into one, the information collected is easier to collate, analyze, and use. BSA Direct will also provide improved access to the SAR database for law enforcement and state and federal regulators.

SAR Retention of Records (12 CFR 21.11): Original documents are needed for investigative and evidentiary purposes.

Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21): The OCC and the other bank regulators have imposed only the minimum requirements needed to satisfy the law. This is an internal bank record. National banks may use any information technology that permits review by OCC examiners.

4. Efforts to identify duplication:

The required information is unique and is not duplicative of any other information already collected.

5. Methods used to minimize burden if the collection has a significant impact on a substantial number of small entities:

Not applicable. The collection does not have a significant impact on a substantial number of small entities.

6. Consequences to the Federal program if the collection were conducted less frequently:

Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4): A national bank must designate a security officer who must develop and administer a written security program and report on the effectiveness of the program on an annual basis. This annual review and reporting is a necessary part of a strong security program and less frequent review and reporting could impair a bank’s safety and soundness.

SAR (12 CFR 21.11): With the automated SAR system, the bank regulators, law enforcement, and industry benefit from improved detection of financial crime, analysis of trends, and coordination of investigative efforts. The SAR requirement provides law enforcement and regulatory agencies with the ability to fight financial crime and ensures the safety and soundness of banks.

SAR Retention of Records (12 CFR 21.11): A national bank must maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years.

Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21): Each national bank is required to develop and maintain a written compliance program.

7. Special circumstances that would cause an information collection to be conducted in a manner inconsistent with 5 CFR Part 1320:

With one exception, these recordkeeping and reporting requirements are conducted in a manner consistent with the requirements of 5 CFR 1320. The reporting of suspicious activity on a SAR may occur more frequently than quarterly, depending on the frequency of the activity. This information must be reported in a timely manner to enable law enforcement to take appropriate action. Records must be kept for five years because substantive violations of the law that may be indicated by the suspicious activity are generally subject to statutes of limitations of longer than three years. To ensure that documents are available for prosecutions, reporting banks must retain original evidentiary documents for five years.

8. Efforts to consult with persons outside the agency:

On April 1, 2009, FinCEN and the bank regulators published a joint Federal Register Notice soliciting comments for 60 days regarding revisions to the SAR (74 FR 14863). No comments were received by the OCC. Three comments were received by FinCEN, one of which was also directed to the FDIC. A discussion of these comments can be found in FinCEN’s supporting statement, which is included as a supplementary document in this ICR.

9. Payment or gift to respondents:

None.

10. Any assurance of confidentiality:

Information provided to the government on the SARs is expressly prohibited from disclosure under 31 U.S.C. 5318(g)(2). Appropriate system security safeguards have been put in place to protect against unauthorized access.

11. Justification for questions of a sensitive nature:

There are no questions of a sensitive nature.

12. Burden estimate:

The OCC estimates that the time spent by each national bank to file a SAR will vary, depending on the size and type of bank involved and the number of reportable transactions. The OCC estimates that 1,601 national banks will file approximately 332,618 SARS each year. The OCC estimates that the annual recordkeeping burden of 1,601 national banks will vary, depending on the size and type of bank. The burden is calculated as follows:

Cite and Burden Type	Information Collection Requirements in 12 CFR Part 21	Number of Respondents/ Recordkeepers and Responses/Records	Average Hours Per Response	Estimated Burden Hours
12 CFR 21.2 and 21.4 Recordkeeping	Subpart A – Minimum Security Devices and Procedures § 21.2 – Designation of security officer – A bank’s board of directors shall designate a security officer who must develop and administer a written security program. § 21.4 – Report – The security officer for a national bank shall report at least annually to the bank’s board of directors on the effectiveness of the security program. The substance of such report shall be reflected in the Board minutes.	1,601 recordkeepers 1,601 records	.5 hour	801 hours
12 CFR 21.11(a) Reporting 12 CFR 21.11(g) Recordkeeping	Subpart B – Reports of Suspicious Activities § 21.11(a) – Suspicious Activity Report – Purpose and scope – National banks are required to file a Suspicious Activity Report when they detect a known or suspected violation of Federal law or a suspicious transaction related to a money laundering activity or a violation of the Bank Secrecy Act. This section applies to all national banks as well as any Federal branches and agencies of foreign banks licensed or chartered by the OCC. § 21.11(g) – Suspicious Activity Report – Retention of records – A national bank shall maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years from the date of the filing of the SAR. Supporting document shall be identified and maintained by the bank as such, and shall be deemed to have been filed with the SAR.	1,601 respondents 332,618 responses 1,601 recordkeepers 1,601 records	1 hour 1.8 hours	332,618 hours 2,882 hours
12 CFR 21.21 Recordkeeping	Subpart C – Procedures for Monitoring Bank Secrecy Act Compliance § 21.21 -- Bank Secrecy Act compliance – All national banks are required to develop and provide for the continued administration of a program reasonably designed to assure and monitor their compliance with subchapter II of chapter 53 of title 31, United States Code, and the implementing regulations promulgated thereunder by 31 CFR part 103. The compliance program shall be reduced to writing, approved by the board of directors, and noted in the minutes.	1,601 recordkeepers 1,601 records Community Banks: 1,431 Mid-Size Banks: 69 Large Banks: 101	35 hours 250 hours 450 hours	50,085 hours 17,250 hours 45,450 hours
Total reporting		1,601 respondents 332,618 responses		332,618 hours
Total recordkeeping		1,601 recordkeepers 4,803 records		116,468 hours
Totals		337,421 Responses/Records		449,086 hours

Cost of Hour Burden to Respondents:

The OCC estimates the cost of the hour burden to respondents (by wage rate categories) as follows:

Recordkeeping Burden:

Clerical ($20/hour): 70% x 116,468 hours @ $20 = $ 1,630,552

Managerial/technical ($40/hour): 20% x 116,468 hours @ $40 = $ 931,744

Senior Management ($80/hour): 10% x 116,468 hours @ $80 = $ 931,744

Total $ 3,494,040

Reporting Burden:

Clerical ($20/hour): 05% x 322,618 hours @ $20 = $ 322,618

Managerial/technical ($40/hour): 10% x 322,618 hours @ $40 = $ 1,290,472

Senior Management ($80/hour): 55% x 322,618 hours @ $80 = $14,195,192

Legal Counsel ($100/hour): 30% x 322,618 hours @ $100 = $ 9,678,540

Total $25,486,822

Total Hour Burden Cost (Recordkeeping and Reporting): $28,980,862

13. Estimate of total annual costs to respondents (excluding cost of hour burden in Item #12):

Not applicable.

14. Estimate of annualized costs to the Federal government:

Not applicable.

15. Change in burden:

Former Burden:

1,928 respondents; 1,928 recordkeepers; 250,184 responses/records; 365,194 burden hours

New Burden:

1,601 respondents; 1,601 recordkeepers; 337,421 responses/records; 449,086 burden hours

Difference:

- 327 respondents; - 327 recordkeepers; + 87,237 responses/records (SARs); + 83,892 burden hours

The adjustment decrease (respondents/recordkeepers) is due to a decrease in the number of national banks. The adjustment increase (responses) is due to an increase in the number of SAR filings and more accurate estimates overall.

16. Information regarding collections whose results are to be published for statistical use:

The OCC has no plans to publish the information for statistical purposes.

17. Reasons for not displaying OMB approval expiration date:

To avoid having to reprint the form just to show a new date, FinCEN is requesting permission not to display the OMB expiration date on the SAR form.

18. Exceptions to the certification statement in Item 19 of OMB Form 83-I:

None.

B. Collections of Information Employing Statistical Methods.

Not applicable.

File Type	application/msword
File Title	Supporting Statement
Author	Administrator
Last Modified By	OCC
File Modified	2009-06-17
File Created	2009-02-19