Supporting Statement
OMB Control Number 1557-0180
Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance Program
A. Justification.
1. Circumstances that make the collection necessary:
Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4; and 12 CFR 568.2 and 568.4): Under §§ 21.2 and 21.4; and §§ 568.2 and 568.4, national banks and savings associations are required to designate a security officer who must develop and administer a written security program. The security officer shall report at least annually to the institution’s board of directors on the effectiveness of the security program. The substance of the report shall be reflected in the Board’s minutes. These requirements ensure that the security officer is responsible for the security program and that institution management and the boards of directors are aware of the content and effectiveness of the program. These requirements ensure prudent institution management and institution safety and soundness.
SAR (12 CFR 21.11 and 12 CFR 163.180): The Financial Crimes Enforcement Network (FinCEN) and Federal financial institution supervisory agencies1 (bank regulators) adopted the SAR in 1996 to simplify the process through which depository institutions inform their regulators and law enforcement about suspected criminal activity. The SAR was updated in 1999, 2002, 2006, and 2009.
In 1992, the Department of the Treasury was granted broad authority to require suspicious transaction reporting under the Bank Secrecy Act. See 31 U.S.C. 5318(g). FinCEN, which has been delegated authority to administer the Bank Secrecy Act, joined with the bank regulators in 1996 in requiring, on a consolidated form (the SAR form), reports of suspicious transactions. See 31 CFR 1020.320(a) (formerly 31 CFR 103.18(a)). The filing of SARs is necessary to prevent and detect crimes involving depository institution funds, institution insiders, criminal transactions, and money laundering. These requirements are necessary to ensure institution safety and soundness.
Banks and savings associations are required to maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years. The documents are necessary for criminal investigations and prosecutions.
Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21; and 12 CFR 163.177): Under 12 CFR 21.21 and 12 CFR 163.177, national banks and savings associations are required to develop and provide for the continued administration of a program reasonably designed to assure and monitor their compliance with the Bank Secrecy Act (BSA) and applicable Treasury regulations. The compliance program shall be reduced to writing, approved by the board of directors and noted in the minutes. These requirements are necessary to ensure institution compliance with the BSA and applicable Treasury regulations.
2. Use of the information:
Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4; and 12 CFR 568.2 and 568.4): The OCC uses the information to ensure that national banks and savings associations carefully review the effectiveness of their security systems and comply with Federal law. The information collection ensures that national banks and savings associations conduct their activities in accordance with safe and sound principles. The boards of directors of national banks and savings associations use the information to ensure that the institutions’ security systems are adequate.
SAR and Retention of Records (12 CFR 21.11 and 12 CFR 163.180): The OCC uses the SAR and the supporting documentation retained by national banks and savings associations for supervisory purposes. The information collection identifies suspicious transactions that could pose a threat to these institutions.
FinCEN and the Internal Revenue Detroit Computing Center (DCC) operate the computer system containing the information collected from national banks and savings associations. FinCEN and DCC provide on-line access to the information to representatives of bank regulators and appropriate law enforcement agencies.
Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21 and 12 CFR 163.177): National banks and savings associations use the compliance program to ensure compliance with the Bank Secrecy Act. Bank examiners review the written procedures and board approval in the examination process.
3. Consideration of the use of improved information technology:
Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4; and 12 CFR 568.2 and 568.4): This is an internal institution record. Institutions may use any technology that permits review by OCC examiners.
SAR (12 CFR 21.11 and 12 CFR 163.180): -- The SAR system uses improved information technology to reduce burden on institutions. Whereas institutions previously filed multiple copies of different forms with their primary regulators, U.S. Attorneys’ offices, the FBI, and other law enforcement agencies, as necessary, they are now able to file one, consolidated form online with FinCEN through the BSA Direct E-Filing System. By offering on-line access to appropriate users, FinCEN has eliminated the need for multiple filings. Because the various forms have been consolidated into one, the information collected is easier to collate, analyze, and use. BSA Direct also provides improved access to the SAR database for law enforcement and state and federal regulators.
SAR Retention of Records (12 CFR 21.11 and 12 CFR 163.180): Original documents are needed for investigative and evidentiary purposes.
Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21 and 12 CFR 163.177): The OCC and the other bank regulators have imposed only the minimum requirements needed to satisfy the law. This is an internal institution record. National banks and savings associations may use any information technology that permits review by OCC examiners.
4. Efforts to identify duplication:
The required information is unique and is not duplicative of any other information already collected.
5. Methods used to minimize burden if the collection has a significant impact on a substantial number of small entities:
Not applicable. The collection does not have a significant impact on a substantial number of small entities.
6. Consequences to the Federal program if the collection were conducted less frequently:
Minimum Security Devices and Procedures (12 CFR 21.2 and 21.4; 12 CFR 568.2 and 568.4): A national bank and savings association must designate a security officer who must develop and administer a written security program and report on the effectiveness of the program on an annual basis. This annual review and reporting is a necessary part of a strong security program and less frequent review and reporting could impair an institution’s safety and soundness.
SAR (12 CFR 21.11 and 12 CFR 163.180): With the automated SAR system, the bank regulators, law enforcement, and industry benefit from improved detection of financial crime, analysis of trends, and coordination of investigative efforts. The SAR requirement provides law enforcement and regulatory agencies with the ability to fight financial crime and ensures the safety and soundness of institutions.
SAR Retention of Records (12 CFR 21.11 and 12 CFR 163.180): A national bank and savings association must maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years.
Procedures for Monitoring Bank Secrecy Act Compliance (12 CFR 21.21 and 12 CFR 163.177): Each national bank and savings association is required to develop and maintain a written compliance program.
7. Special circumstances that would cause an information collection to be conducted in a manner inconsistent with 5 CFR Part 1320:
With one exception, these recordkeeping and reporting requirements are conducted in a manner consistent with the requirements of 5 CFR 1320. The reporting of suspicious activity on a SAR may occur more frequently than quarterly, depending on the frequency of the activity. This information must be reported in a timely manner to enable law enforcement to take appropriate action. Records must be kept for five years because substantive violations of the law that may be indicated by the suspicious activity are generally subject to statutes of limitations of longer than three years. To ensure that documents are available for prosecutions, reporting institutions must retain original evidentiary documents for five years.
8. Efforts to consult with persons outside the agency:
On May 11, 2012, the OCC published notice, for 60 days of comment, of its intention to renew the collection. 77 FR 27858. No comments were received.
9. Payment or gift to respondents:
None.
10. Any assurance of confidentiality:
Information provided to the government on the SARs is expressly prohibited from disclosure under 31 U.S.C. 5318(g) (2). Appropriate system security safeguards have been put in place to protect against unauthorized access.
11. Justification for questions of a sensitive nature:
There are no questions of a sensitive nature.
12. Burden estimate:
The OCC estimates that the time spent by each national bank and federal savings association to file a SAR will vary, depending on the size and type of institution involved and the number of reportable transactions. The OCC estimates that 2,021 national banks and savings associations will file approximately 418,347 SARS each year. The OCC estimates that the annual recordkeeping burden of 2,021 national banks and savings associations will vary, depending on the size and type of bank. The burden is calculated as follows:
Cite and Burden Type |
Information Collection Requirements
|
Number of Respondents/ Recordkeepers and Responses/Records |
Average Hours Per Response |
Estimated Burden Hours |
12 CFR 21.2 and 21.4; 12 CFR 568.2 and 568.4 Recordkeeping |
Minimum Security Devices and Procedures
§ 21.2and568.2 – Designation of security officer – The board of directors of each national bank and savings association shall designate a security officer who must develop and administer a written security program.
§ 21.4 and 568.4 – Report – The security officer for a national bank and savings association shall report at least annually to the institution’s board of directors on the effectiveness of the security program. The substance of such report shall be reflected in the Board minutes. |
2,021 recordkeepers 2,021 records |
.5 hour |
1,010 hours |
12 CFR 21.11(a) and 163.180(d)(1) Reporting
12 CFR 21.11(g) and 163.180(d)(8) Recordkeeping |
Reports of Suspicious Activities
§ 21.11(a) and 163.180(d)(1) – Suspicious Activity Report – Purpose and scope – National banks and savings associations are required to file a Suspicious Activity Report when they detect a known or suspected violation of Federal law or a suspicious transaction related to a money laundering activity or a violation of the Bank Secrecy Act. This section applies to all national banks and savings associations as well as any Federal branches and agencies of foreign banks licensed or chartered by the OCC.
§ 21.11(g) and 163.180(d)(8) – Suspicious Activity Report – Retention of records – A national bank and savings association shall maintain a copy of any SAR filed and the original or business record equivalent of any supporting documentation for a period of five years from the date of the filing of the SAR. Supporting document shall be identified and maintained by the bank and savings association as such, and shall be deemed to have been filed with the SAR. |
2,021 respondents 418,347 responses
2,021 recordkeepers 2,021 records |
1 hour
1.8 hours |
418,347 hours
3,638 hours |
12 CFR 21.21 and 163.177 Recordkeeping |
Procedures for Monitoring Bank Secrecy Act Compliance
§ 21.21 & 163.177-- Bank Secrecy Act compliance – All national banks and savings associations are required to develop and provide for the continued administration of a program reasonably designed to assure and monitor their compliance with subchapter II of chapter 53 of title 31, United States Code, and the implementing regulations promulgated thereunder by 31 CFR Chapter X (formerly Part 103). The compliance program shall be reduced to writing, approved by the board of directors, and noted in the minutes.
|
2,021 recordkeepers 2,021 records
Community Banks: 1,859
Mid-Size Banks: 62
Large Banks: 100 |
35 hours
250 hours
450 hours |
65,065 hours
15,500 hours
45,000 hours |
Total reporting |
|
2,021 respondents 418,347 responses
|
|
418,347 hours |
Total recordkeeping |
|
2,021 recordkeepers 6,063 records |
|
130,213 hours |
Totals |
|
424,410 Responses/Records |
|
548,560 hours |
Cost of Hour Burden to Respondents:
The OCC estimates the cost of the hour burden to respondents (by wage rate categories) as follows:
Recordkeeping Burden:
Clerical ($20/hour): 70% x 130,213 hours @ $20 = $ 1,822,982
Managerial/technical ($40/hour): 20% x 130,213 hours @ $40 = $ 1,041,704
Senior Management ($80/hour): 10% x 130,213 hours @ $80 = $ 1,041,704
Total $ 3,906,390
Reporting Burden:
Clerical ($20/hour): 05% x 418,347 hours @ $20 = $ 418,347
Managerial/technical ($40/hour): 10% x 418,347 hours @ $40 = $ 1,673,388
Senior Management ($80/hour): 55% x 418,347 hours @ $80 = $18,407,268
Legal Counsel ($100/hour): 30% x 418,347 hours @ $100 = $12,550,410
Total $33,049,413
Total Hour Burden Cost (Recordkeeping and Reporting): $36,955,803
13. Estimate of total annual costs to respondents (excluding cost of hour burden in Item #12):
Not applicable.
14. Estimate of annualized costs to the Federal government:
Not applicable.
15. Change in burden:
Former Burden:
3,911 respondents; 3,911 recordkeepers; 397,748 responses/records; 613,784 burden hours
New Burden:
2,021 respondents; 2,021 recordkeepers; 424,410 responses/records; 548,560 burden hours
Difference:
-1,890 respondents; -1,890 recordkeepers; +26,662 responses/records; -65,224 burden hours
The adjustment increase (respondents/recordkeepers) is due to an increase in the number of savings associations added to OCC supervision with the integration, pursuant to the Dodd-Frank Act, of the former Office of Thrift Supervision in July 2011.
16. Information regarding collections whose results are to be published for statistical use:
The OCC has no plans to publish the information for statistical purposes.
17. Reasons for not displaying OMB approval expiration date:
To avoid having to reprint the form just to show a new date, FinCEN is requesting permission not to display the OMB expiration date on the SAR form.
18. Exceptions to the certification statement in Item 19 of OMB Form 83-I:
None.
B. Collections of Information Employing Statistical Methods.
Not applicable.
1 The Federal financial institution supervisory agencies are the Office of the Comptroller of the Currency (OCC), Board of Governors of the Federal Reserve System (Board), Federal Deposit Insurance Corporation (FDIC), and National Credit Union Administration (NCUA).
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| File Title | Supporting Statement |
| Author | Administrator |
| File Modified | 0000-00-00 |
| File Created | 2021-01-30 |