American Bankers Association roundtable

Memorandum for the Record

Event: American Bankers Association roundtable Type of Event: On-the-Record Interview Date of interview: 3/18/04 Date memo prepared: 4/5-13/04 Special Access Issues: None Prepared by: John Roth Team Number: 4 Location: American Bankers Association conference room Classification: Unclassified Present, non-Commission: John Byrne (ABA), Nick Caruso (Riggs), Allen Able (Price Waterhouse Coopers) Commission: John Roth, Doug Greenburg and Serena Wille

This memorandum provides a summary of the most important points covered in the above-entitled interview, but is not a verbatim account. The memorandum is organized by subject and does not necessarily follow the order of the interview. The witnesses provided all of the information in this memorandum during the interview, except where noted by square brackets. By and large, except where noted, no attempt was made to identify the statements to an individual witness. (U)

The purpose of this interview was to engage representatives of the banking industry on the changes in anti money laundering (AML) and anti terrorist financing (ATF) compliance since 9/11, with a particular focus on the USA PATRIOT Act (USAP A).

Regulatory environment
The USAP was a compilation of old AML bills that "never would have seen the light of day" were it not for 9/11. it is primarily a compilation of old Kerry, Grassley and Levin legislation. Most of the USPA was already incorporated into the banking industry, either through the use of "best practices" or requirements of the banking regulators, and thus not necessary to be enacted into legislation. The panel characterized the USPA as an "understandable knee jerk reaction" to the attacks, but they characterized it as not thought through. Byrne noted that you had to look hard to find anything really related to terrorist financing within the USP A, although the account opening requirements may be useful in that regard. Byrne noted that, while they did not have much input on the USAP A~there were some provisions that the ABA did ask for, such as broadening the regulations to all financial institutions, section 314 and the PACs system for some sort of e-filing and section 355, involving sharing of information concerning employees. Additionally, they cautioned that the requirements should not be set out in the statute, but delegated to the regulations, which would give more flexibility. The ABA formally supported the USAPA, although Byrne noted that "it wouldn't have mattered." The ABA opposed the Commission Sensitive 2 Commission Sensitive Money Laundering Act of 2000 as unnecessary, since it merely codified what was already being done. The ABA did support the money laundering provisions contained within the 86, 92, and 94 laws. Byrne regarded the implementation as coming in fits and starts. He anticipates that the section 312 implementation will be burdensome. The section 314 notification provision was a nightmare when it first rolled out. FinCEN has since made some major adjustments, and it is now better. The concept, as he understood it, was to have a narrowly focused, terrorism oriented list, but it is clear that it is being used broadly. Most of the names come from the DEA, so they are obviously drug money laundering cases and not terrorism cases. there is a significant burden in doing these, since most institutions have a number of systems that must be checked. Riggs, for example, must email 28 different people for each request. The panel noted that while the USPA doesn't have much specific to terrorism in it, it is generally perceived that way, particularly to bank management. As a result, it gets attention at the Board of Directors level, which may not have otherwise happened. As a result, it has bolstered compliance resources at the banks. With regard to implementation, the panel noted that the law and regulations are murky, and they would like to see more consistent and better defined regulations. They noted that banks and the regulators interpret the regulations differently. For example, when it comes to enhanced due diligence on high risk accounts, it boils down to place of birth and residency, which is hard to implement and difficult to regulate. The panel provided several examples of instances in which the regulators were interpreting the USAP A inconsistently with what the banks perceive its goals to be. The first is with regard to SAR filing. They characterized the regulators as engaging in a significant amount of second guessing as to whether a SAR should have been filed, when, ultimately, a SAR filing is ultimately a judgment call. The second example is where law enforcement issues a subpoena. Regulators argue that·a SAR should be filed in such an instance, while banks argue that law enforcement is already informed of the suspicious activity by virtue of the subpoena. The difficulty is that there will be an increase in useless SARs if this continues.. Nobody has a problem with going after banks that don't file SARs if it is a result of not having a compliance program, but.when the compliance program is strong, there should not be such a focus on SARs. Byrne summed it up by saying that banks want risk-based model to be flexible, but at the same time they want guidance. He understands that there is a tension in wanting those two things. With regard to good things coming out of the USAP A, the panel said that the 319(b) sharing provisions, which allows banks to obtain financial information from other banks for the purpose of investigating suspicious activity, was very helpful. The only problem is that it does not cover foreign banks that operate in the US. With regard to the provisions of section 319, none of the panel has seen evidence that foreign banks are retracting their US presence as a result of those provisions (which give Commission Sensitive 3 Commission Sensitive law enforcement the opportunity to obtain records or seize money from foreign banks, so long as the bank has an account here). Alan Abel stated that the problem with the BSA is that it delegated a lot of power to the Secretary of the Treasury, who then writes regulations. Over a period of time, these regulations have gotten greater, broader and deeper. Abel preferred a principles-based approach rather than a rules-based approach, because it defers to the judgment of the people implementing the rules. Moreover Abel acknowledged that compliance is a cost center, but believes that you get compliance because of the potential reputation risk you run by not having it. Other members of the panel disagreed on the impact of reputational risk, however. With regard to OFAC, the panel was extremely critical, stating that it imposes lots of costs on the industry ~with no return on that investment. Additionally, they characterized OFAC as very non-responsive. OFAC must enforce the law over a huge sector of the economy, not just banking, so they are stretched too thin.

9111 hijackers
Each member of the panel was familiar with the 9111 hijackers financial transactions and each has come to the conclusion that a better scrutiny of the financial transactions would not have resulted in discovering them. Moreover, even after 9111, with all we know now, the panel was unanimous in stating that siminalr financial activity would not draw SUspICIon.

Recommendations
Overall, the financial services industry faces a huge challenge in responding to a host of government burdens, including every major financial regulator and twelve different money laundering laws. The problem is that many of these items got enacted piecemeal, resulting in layers of regulation: in the 1970's it started with cash reporting, then extended to the 8300s, SARs, section 314(a) requests, high risk monitoring for politically exposed persons and foreign accounts, and OFAC - the list just keeps growing. The panel suggested that this layering invites a look at reengineering the laws to make them more streamlined, and to couple it with a study of the costs and benefits of these req uirem ents. The panel believes that there needs to be better and more formal communication between the industry and law enforcement on terrorist financing issues. They must review and research the issue together, and there has to be a recognition of the difficulty in detecting terrorist financing and the difference between terrorist financing and money laundering. There also needs to be a better use of lists, and some way to transfer the knowledge that the goverrunent has to the banks, who would be able to use it. This may be in the form of a secure web site containing sensitive negative intelligence on individuals, or perhaps with specific individuals within banks with the appropriate security clearance to receive information. i '. Commission Sensitive Additionally, the panel believed that there has to be a better recognition on the part of bank regulators of the original intent of the SAR process. Part of this requires more cooperation between law enforcement and the regulators, and part of this is greater consistency by the regulators in applying the rules. Commission Sensitive 4