Supporting Statement

OMB Control Number 1506-0049

Requirement for Information Sharing Between Government Agencies and Financial Institutions

1. Circumstances Necessitating Collection of Information.

On October 26, 2001, the President signed into law the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (“USA PATRIOT Act”), Public Law 107-56 (“the Act”). Title III of the Act amends the anti-money laundering provisions of the Bank Secrecy Act (“BSA”), codified at 12 U.S.C. 1829b and 1951–1959 and 31 U.S.C. 5311–5314 and 5316–5332, to promote the prevention, detection, and prosecution of international money laundering and the financing of terrorism. Regulations implementing the BSA appear at 31 CFR Chapter X. The authority of the Secretary of the Treasury (“the Secretary”) to administer the BSA has been delegated to the Director of the Financial Crimes Enforcement Network (“FinCEN”).

Of the Act’s many goals, the facilitation of information sharing among governmental entities and financial institutions for the purpose of combating terrorism and money laundering is of paramount importance. Section 314 of the Act furthers this goal by providing for the sharing of information between the government and financial institutions, and among financial institutions themselves. As with many other provisions of the Act, Congress has charged the U.S. Department of the Treasury with developing regulations (See 31 CFR 1010.520) to implement these information-sharing provisions.

Subsection 314(a) of the Act states in part that:

[t]he Secretary shall . . . adopt regulations to encourage further cooperation among financial institutions, their regulatory authorities, and law enforcement authorities, with the specific purpose of encouraging regulatory authorities and law enforcement authorities to share with financial institutions information regarding individuals, entities, and organizations engaged in or reasonably suspected based on credible evidence of engaging in terrorist acts or money laundering activities.

2. Method of Collection and Use of Data.

FinCEN’s regulations under Section 314(a) (See 31 CFR 1010.520) enable federal, state, local, and foreign (European Union) law enforcement agencies, through FinCEN, to reach out to more than 14,000 financial institutions to locate accounts and transactions of persons that may be involved in terrorism or money laundering.

FinCEN receives requests from law enforcement and upon review, sends notifications to designated contacts within financial institutions across the country once every 2 weeks informing them new information has been made available via a secure internet website. The requests contain subject and business names, addresses, and as much identifying data as possible to assist the financial industry in searching their records. The financial institutions must query their records for data matches, including accounts maintained by the named subject during the preceding 12 months and transactions conducted within the last 6 months. Financial institutions have 2 weeks from the posting date of the request to respond with any positive matches. If the search does not uncover any matching of accounts or transactions, the financial institution is instructed not to reply to the 314(a) request.

The 314(a) process has proven to be an effective tool in many law enforcement investigations. Results yield productive leads for both terrorist financing and money laundering cases and often lead to the identification of new accounts and transactions. These results enable law enforcement to efficiently direct its use of legal processes to promptly obtain critical evidence to help advance their investigations.

3. Use of Improved Information Technology to Reduce Burden.

Currently, 100% of this collection is filed using automated technology. The 314(a) files are posted on FinCEN’s secure website. The files are available for download in .csv, .txt, and .doc format to allow for ingestion into various software financial institutions use to run the searches against their systems. All positive responses can be submitted through FinCEN’s secure website by checking the box next to each subject for which there is a match and clicking the “Submit” button to transmit the responses to FinCEN. Providing downloads in a variety of formats reduces burden on financial institutions by allowing them to automate the search of their records in a format that is compatible with their software and systems.

4. Efforts to Identify Duplication.

There is no similar information available; thus, there is no duplication.

5. Methods to Minimize Burden on Small Businesses or Other Small Entities.

This collection of information does not significantly impact small entities.

6. Consequences to the Federal Government of Not Collecting the Information.

The renewal, without change, to this collection of information renews the process through which the Federal government complies with a self-executing Mutual Legal Assistance Agreement with the European Union. The President ratified this treaty on September 23, 2008, with the advice and consent of the United States Senate. Without this collection of information, the Federal Government would be in violation of the Mutual Legal Assistance Agreement, and law enforcement would lose a significant investigatory capability.

7. Special Circumstances Requiring Data Collection to be Inconsistent with Guidelines in 5 CFR 1320.5(d)(2).

There are no special circumstances.

8. Consultation with Individuals Outside of the Agency on Availability of Data. Frequency of Collection, Clarity of Instructions and Forms, and Data Elements.

On May 7, 2019, FinCEN published in the Federal Register a 60-day notice requesting public comment on the FinCEN proposal to renew without change the requirement for information sharing between government agencies and financial institutions (See 84 FR 19999). FinCEN received two public comments.

The first comment letter was from the National Association of Federally-Insured Credit Unions (“NAFCU”). NAFCU provided certain suggestions regarding ways to improve the 314(a) program. Specifically, it noted that in recent 314(a) requests certain subjects did not have multiple identifiers, such as date of birth, address, and tax identification number. NAFCU suggested when possible, 314(a) subjects should include all identifiers required under the customer identification program requirements. It also requested that FinCEN lower the documentation standards for Federal law enforcement agencies to qualify to submit 314(a) requests. Lastly, although the 314(b) regulations were not a part of this comment request, the NAFCU suggested that FinCEN expand 314(b) information sharing to include fraud.

When submitting a request to FinCEN, the law enforcement agencies are required to provide

FinCEN with a written certification. At a minimum, the certification must: state that each individual, entity, or organization about which the law enforcement agency is seeking information is engaged in, or is reasonably suspected based on credible evidence of engaging in, terrorist activity or money laundering; include enough specific identifiers, such as date of birth, address, and social security number, that would permit a financial institution to differentiate between common or similar names; and identify one person at the agency who can be contacted with any questions relating to its request. Multiple divisions within FinCEN review law enforcement agencies’ 314(a) requests to ensure they comply with the regulatory requirements. This includes ensuring the requesting law enforcement agencies provide as many specific identifiers as possible for the subjects of their requests. The application of these internal procedures helps to ensure that the 314(a) program will be utilized only in the most compelling situations, thereby minimizing the cost incurred by reporting financial institutions.

The second comment letter was from the Due Process Institute (“DPI”). DPI encouraged FinCEN to cease efforts to pursue legislative and regulatory attempts to expand the 314(a) program. DPI asserted that the existing 314(a) regulatory requirements fail to protect privacy rights. Based on the assertions DPI made in its comment letter, it appears to have an inaccurate impression that the 314(a) program is vastly more expansive regarding the information financial institutions are required to submit to FinCEN than is actually the case. Section 314(a) information consists of only a confirmation that a matching account or transaction exists. The underlying account and transaction information relating to a 314(a) match that contains sensitive customer financial information is not deemed to be part of the 314(a) response, and can only be obtained by the requesting agency through appropriate legal process, such as a subpoena. FinCEN is not part of that legal process to obtain the underlying information; its involvement ends at informing requesting agencies that a match exists. In addition, the personally-identifiable information (e.g., subject names, aliases, dates of birth, and social security numbers) that a financial institution uses to conduct a section 314(a) search is provided not by the institution, but by the requesting agency.

Although neither comment letter focused specifically on burden estimates, FinCEN appreciates these comments concerning the 314(a) and (b) regulations, and will incorporate them into FinCEN’s retrospective regulatory review process conducted pursuant to E.O. 12866 and 13563.

9. Explanation of Decision to Provide Any Payments or Gifts to Respondents.

No payments or gifts were made to respondents.

10. Assurance of Confidentiality of Responses.

Information collected in a 314(a) request is made available, in accordance with strict safeguards, to appropriate criminal law enforcement and regulatory personnel solely in the official performance of their duties.

11. Justification of Sensitive Questions.

There are no questions of a sensitive nature in the collection of information. Any personally identifiable information collected under the BSA is strictly controlled as outlined in FinCEN’s Systems of Records Notice http://www.fincen.gov/foia/files/FinCEN_79_FR_20969.pdf.

12 & 13. Estimated Burden & Cost of Information Collection.

Frequency: Bi-weekly.

Estimated Number of Respondents: 14,643¹

Estimated Time Per Respondent: 42 hours annually.²

Estimated Total Annual Burden Hours: 615,006.³

Estimated Annual Cost to Respondents for Hour Burden: 615,006 hours X $50.20⁴ per hour = $30,873,301.

14. Estimated Annual Cost to the Federal Government.

Not applicable.

15. Reason for Change in Burden.

FinCEN is requesting a change in burden hours due to a decrease in covered financial institutions. In 2016, the burden was estimated to be 1,087,236 hours annually; however, FinCEN has revised the burden hours in 2019 to be 615,006 hours annually. Due to financial institution mergers, there are fewer covered financial institutions receiving 314(a) requests in 2019 than there were in 2016.

16. Plans for Tabulation, Statistical Analysis, and Publication.

The information will not be tabulated or compiled for publication.

17. Request not to Display Expiration Date of OMB Control Number.

Not Applicable.

18. Exceptions.

There are no exceptions to the certification statement.