Agency Information Collection Activities; Renewal of a Currently Approved Collection; and Comment Request for Reports of Suspicious Activity

AGENCY:

Office of the Comptroller of the Currency (OCC).

ACTION:

Notice and request for comments.

SUMMARY:

The OCC, as part of its continuing effort to reduce paperwork and respondent burden, invites the general public and other Federal agencies to take this opportunity to comment on information collections, as required by the Paperwork Reduction Act of 1995, Public Law 104-13 (44 U.S.C. 3506(c)(2)(A)). The OCC is soliciting comments concerning the currently approved Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance Program information collection. The Minimum Security Devices and Procedures and Bank Secrecy Act Compliance Program portion of the information collection is being extended without change. The OCC is proposing to extend, with revision, the interagency suspicious activity report (SAR-DI) portion of the collection and is inviting comments on this revision.

As the Bank Secrecy Act (BSA) administrator, the Financial Crimes Enforcement Network (FinCEN) in the U.S. Department of Treasury is changing from a system originally designed for collecting industry-specific paper forms to a modernized information technology environment centered on electronic reporting. Based on financial institution type, depository institutions, broker-dealers in securities, futures commission merchants and introducing brokers in commodities, insurance companies, mutual funds, money services businesses, and casinos file reports on four separate forms. FinCEN's new approach is to have one electronically filed interactive BSA SAR that will be used by all filing institutions to report suspicious activity as of April 1, 2013.

There are no proposed changes to the suspicious activity report regulation. National banks and federal savings associations supervised by the OCC will continue to follow the regulation, interagency guidance, and filing instructions to determine when a report should be filed and what information should be included in the report.

The interactive BSA SAR has several new data fields and introduces data fields from the SARs of other industries. On March 29, 2012, FinCEN released guidance titled, “Filing FinCEN's New Currency Transaction Report and Suspicious Activity Report” (FIN-2012-G002). The guidance notes that FinCEN is making available additional and more specific data elements (that is, characterizations of suspicious activity and types of financial services) as a more efficient way to bring information about suspicious activity to the attention of FinCEN and law enforcement. The guidance clarified the addition of new and expanded data elements does not create an expectation that financial institutions will revise internal programs, or develop new programs, to capture information that reflects the expanded data elements. Data elements designated as “critical fields (questions for which an answer must be provided) in the BSA SAR are identified by the asterisk preceding the data element number.

DATES:

Written comments should be received on or before April 8, 2013.

ADDRESSES:

Interested parties are invited to submit written comments to the OCC. All comments should refer to the Office of Management and Budget (OMB) control numbers. Direct all written comments as follows:

Communications Division, Office of the Comptroller of the Currency, Public Information Room, Mailstop 6W-11, Attention: 1557-0180, Washington, DC 20219. In addition, comments may be sent by electronic mail to regs.comments@occ.treas.gov. You may personally inspect and photocopy comments at the OCC's Public Information Room, 400 7th Street SW., Washington, DC. For security reasons, the OCC requires that visitors make an appointment to inspect comments. You may do so by calling (202) 649-6700. Upon arrival, visitors will be required to present valid government-issued photo identification and submit to security screening in order to inspect and photocopy comments.

Additionally, you should send a copy of your comments to OCC Desk Officer, 1557-0180, by mail to U.S. Office of Management and Budget, 725 17th Street NW., #10235, Washington, DC 20503, or by email to oira_submission@omb.eop.gov.

FOR FURTHER INFORMATION CONTACT:

You can request additional information or a copy of the collection from Johnny Vilela or Mary H. Gottlieb, OCC Clearance Officers, (202) 649-7265 or (202) 649-6301, Office of the Comptroller of the Currency, Washington, DC 20219.

SUPPLEMENTARY INFORMATION:

The OCC is soliciting comments concerning the currently approved collections covered under the information collection titled “Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance.” The Minimum Security Devices and Procedures and Bank Secrecy Act Compliance Program information collection is being extended without change. The OCC is proposing to extend, with revision, the suspicious activity report (SAR-DI) portion of the collection and is inviting comments on the interactive BSA SAR that will be used to report suspicious activity as of April 1, 2013.

Title: Minimum Security Devices and Procedures, Reports of Suspicious Activities, and Bank Secrecy Act Compliance program.

OMB Control No.: 1557-0180.

Form Numbers: 8010-1/8010-9.

Abstract: In 1985, the bank supervisory agencies (Agencies), issued procedures to be used by banks and certain other financial institutions operating in the United States to report known or suspected criminal activities to the appropriate law enforcement and banking supervisory agencies. Beginning in 1994, the Agencies and FinCEN redesigned the reporting process and developed the suspicious activity report, which became effective in April 1996. The report is authorized by the following regulations: 31 CFR 103.18 (FinCEN); 12 CFR 21.11 and 12 CFR 163.180 (OCC); 12 CFR 208.62(c), 211.5(k), 211.24(f), and 225.4(f) (Board); 12 CFR 353.3 (FDIC); 12 CFR 748.1 (NCUA). The regulations were issued under the authority contained in the following statutes: 31 U.S.C. 5318(g) (FinCEN); 12 U.S.C. 93a, 1463, 1464, 1818, 1881-84, 3401-22, 31 U.S.C. 5318 (OCC); 12 U.S.C. 248(a)(1), 625, 1818, 1844(c), 3105(c)(2) and 3106(a) (Board); 12 U.S.C1818-1820 (FDIC) ; 12 U.S.C. 1766(a), 1789(a) (NCUA).

Prior to the suspicious activity report effective date of April 1996, the OCC, the other agencies, and FinCEN each issued new and nearly identical rules mandating the use of the interagency SAR-DI for reporting suspicious activities. In separate actions, FinCEN also enacted regulations requiring other types of financial institutions, such as brokers or dealers in securities and futures, money services businesses (money transmitters, issuers and sellers of money orders and travelers' checks, check cashers, and dealers in foreign exchange), casinos and card clubs, and insurance companies to file reports on suspicious activities.

In January 2003, check boxes were added to Part III of the SAR-DI to note terrorist financing and identity theft as suspicious activities and the safe harbor language in the instructions was updated to reflect changes made by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001. In 2006, the SAR-DI form was revised to support a new joint filing initiative aimed at reducing the total number of duplicate reports filed for a single suspicious transaction. On May 1, 2007, FinCEN published a Federal Register notice (72 FR 23891) announcing the delayed implementation of these revisions, which ultimately were never implemented.

On October 15, 2010, FinCEN issued a 60-day notice titled “Proposed Collection; Comment Request; Bank Secrecy Act Suspicious Activity Report Database Proposed Data Fields.” The notice sought input on technical matters as FinCEN transitions from a system originally designed for collecting paper forms to a modernized information technology environment for electronic reporting. Thereafter, a notice was issued on May 6, 2011 by the Treasury Department's Office of Information Management advising the public of a new collection by FinCEN and stating that FinCEN was submitting the BSA SAR comments to OMB for review. The notice stated, “FinCEN is fielding a new system of record to support the collection and dissemination of BSA data to law enforcement and other regulatory agencies. The BSA SAR is a new dynamic information collection tool that will serve as the principle [sic] collection instrument to be used by financial institutions to record and report suspicious activity.” On July 15, 2011, FinCEN received final approval of the BSA-SAR from the Office of Management and Budget, which concluded FinCEN's October 15, 2010, request for comment.

On May 11, 2012, the OCC published a final Federal Register notice (77 FR 27858) announcing the extension for three years, without revision, of the “Reports of Suspicious Activities” data collection. OCC renewal was necessary because the current SAR-DI form is expiring and will continue to be accepted by FinCEN until March 31, 2013. The OCC is now seeking industry comment on the interactive BSA SAR that will be used to report suspicious activity as of April 1, 2013. Comments will be summarized and/or included in the request for Office of Management and Budget approval.

Proposed Revisions

The revised BSA SAR would integrate four institution-specific SARs into one universal data collection. The previous five parts of the SAR-DI remain with changes to their titles and placement in order of completion.

The proposed BSA-SAR is described below by form part. Fields from other industry SARs that may be new to depository institutions as well as specific data fields that are new to all types of industry filers have been identified. In the description provided below, questions for which answers must be provided (referred to as “critical fields”) are identified with the * symbol in front of the data element number.

Type of Filing

Field 1 is the Type of Filing and requires the filer to designate the category that best describes the filing from a set of choices:

*1. Check all that apply—a. Initial report; b. Correct/amend prior report; c. Continuing activity report; d. Joint report; e. Prior report document control/file number if 1b or 1c are checked.

On the current SAR-DI there is only one choice in data field 1 for those reports that corrected a prior report.

Part I: Subject Information

Part I is titled “Subject Information” and it requires the filer to provide information for each subject involved in the suspicious activity. Subject Information is titled “Suspect Information” on the current SAR-DI. As with the current SAR-DI, multiple subjects may be included in Part I.

Each of the critical fields (*) in this part has a new check box that may be used if the information is unknown. If that box is checked, the filer would not need to enter any information in that field.

In Part I, with the exception of the check box to indicate if the requested information is unknown, these data fields remain the same, with no additions or changes from the SAR-DI:

*3. Individual's last name or entity's legal name—a. (check if) unknown

*4. First name—a. (check if) unknown

5. Middle initial (middle name for electronic filers)

7. Occupation or type of business

*8. Address—a. (check if) unknown

*9. City—a. (check if) unknown

*10. State—a. (check if) unknown

*11. ZIP/Postal Code—a. (check if) unknown

*12. Country Code—a. (check if) unknown

*13. TIN—a. (check if) unknown

*16. Date of birth mm/dd/yyyy—a. (check if) unknown

Listed below are the remaining data fields in Part I that would be considered new data fields or data fields that would be modified.

2. Check—a. If entity; b. If all critical (*) subject information is unavailable (If 2b is checked this part may be left blank)

5a. Gender—b. (Check if) Male; c. (Check if) Female; d. (Check if) Unknown

6. Alternate name, e.g. AKA for an Individual or DBA for an Entity

7a. NAICS Code (North American Industry Classification system code that corresponds to 7)

14. TIN type (* if 13 is completed)—a. EIN; b. SSN-ITIN; c. Foreign

*15. Form of identification for subject—a. (check if) unknown (or not obtained); b. (check if) Driver's license/state ID; c. (check if) Passport; d. (check if) Alien registration; e. Number; f. Issuing state; g. Issuing country; z. (check if) Other

17. Phone number type—a. (check if) Home; b. (check if) Work; c. (check if) Mobile; d. (check if) Fax

18. Phone number—a. Extension (if any)

19. Email address (if available)

19 a.Web site (URL) address (if available)

20. Corroborative statement to filer?—a. (check if) Yes; b. (check if) No (This was Admission/Confession on the SAR-DI)

21. Relationship of the subject to the filing institution (check all that apply)—a. Institution TIN; b. Accountant; c. Agent; d. Appraiser; e. Attorney; f. Borrower; g. Customer; h. Director; i. Employee; j. No relationship to institution; k. Officer; l. Owner or Controlling Shareholder; z. Other

22. If item 21h, 21i, 21j, or 21k is checked, indicate status of relationship—a. (check if) Relationship continues; b. (check if) Terminated; c. (check if) Suspended/barred; d. (check if) Resigned

23. Action date if 22 b, c, or d is checked

*24. Financial Institution EIN and account number(s) affected that are related to subject, if any—a. (check if) No known account involved; b. (check if) Non-US Financial Institution; c. TIN; d. Account number; e. (check if) Closed;

25. Subject's role in suspicious activity (if applicable); a. (check if) Purchaser/Sender; b. (check if) Payee/Receiver; c. (check if) Both a and b

Part II—Suspicious Activity Information

Part II, “Suspicious Activity Information,” would require the filer to describe the suspicious activity that occurred.

Part II items would cover all filer institution types so all filers would see field options that may not pertain to their report (such as casino activities). Filers would only be required to complete those items that apply to their institution and pertain to the report being filed.

In Part II, with the exception of the “unknown check box” these data fields would remain the same as the current SAR-DI:

*27. Date or date range of suspicious activity for this report—a. From: mm/dd/yyyy; b. To: mm/dd/yyyy

The remaining data fields in this Part, specifically the characterizations of suspicious activity, would be modified and expanded when compared to the current SAR-DI. There are now 10 general categories and each category would be further broken down to specific types of suspicious activity.

*26. Amount involved in this report—a. (check if) Amount unknown; b. (check if) No amount involved.

28. Cumulative amount only if box 1c (continuing activity report) is checked

29. Structuring—a. Alters transaction to avoid BSA recordkeeping requirement; b. Alters transactions to avoid CTR requirement; c. Customer cancels transaction to avoid BSA reporting and recordkeeping requirements; d. Multiple transactions below BSA recordkeeping threshold; e. Multiple transactions below CTR threshold; f. Suspicious inquiry by customer regarding BSA reporting or recordkeeping requirements; z. Other (specify type of suspicious activity in space provided)

30. Terrorist Financing—a. Known or suspected terrorist/terrorist organization; z. Other (specify type of suspicious activity in space provided)

31. Fraud (Type)—a. ACH; b. Business loan; c. Check; d. Consumer loan; e. Credit/Debit card; f. Healthcare; g. Mail; h. Mass-marketing; i. Pyramid scheme; j. Wire; z. Other (specify type of suspicious activity in space provided)

32. Casinos—a. Inquiry about end of business day; b. Minimal gaming with large transactions; c. Suspicious intra-casino funds transfers; d. Suspicious use of counter checks or markers; z. Other (specify type of suspicious activity in space provided)

33. Money laundering—a. Exchanges small bills for large bills or vice versa; b. Suspicion concerning the physical condition of funds; c. Suspicion concerning the source of funds; d. Suspicious designation of beneficiaries, assignees or joint owners; e. Suspicious EFT/wire transfers; f. Suspicious exchange of currencies; g. Suspicious receipt of government payments/benefits; h. Suspicious use of multiple accounts; i. Suspicious use of noncash monetary instruments; j. Suspicious use of third-party transactors (straw-man); k. Trade Based Money Laundering/Black Market Peso Exchange; l. Transaction out of pattern for customer(s); z. Other (specify type of suspicious activity in space provided)

34. Identification/Documentation—a. Changes spelling or arrangement of name; b. Multiple individuals with same or similar identities; c. Provided questionable or false documentation; d. Refused or avoided request for documentation; e. Single individual with multiple identities; z. Other

35. Other suspicious activities—a. Account takeover; b. Bribery or gratuity; c. Counterfeit instruments; d. Elder financial exploitation; e. Embezzlement/theft/disappearance of funds; f. Forgeries; g. Identity theft; h. Little or no concern for product performance penalties, fees, or tax consequences; i. Misuse of “free look”/cooling off/right of rescission; j. Misuse of position or self-dealing; k. Suspected public/private corruption (domestic); l. Suspected public/private corruption (foreign); m. suspicious use of informal value transfer system; n. Suspicious use of multiple transaction locations; o. Transaction with no apparent economic, business, or lawful purpose; p. Two or more individuals working together; q. Unauthorized electronic intrusion; r. Unlicensed or unregistered MSB; z. Other (specify type of suspicious activity in space provided)

36. Insurance—a. Excessive insurance; b. Excessive or unusual cash borrowing against policy/annuity; c. Proceeds sent to or received unrelated third party; d. Suspicious life settlement sales insurance (e.g. STOLI's, Viaticals); e. Suspicious termination of policy or contract; f. Unclear or no insurable interest; z. Other (specify type of suspicious activity in space provided)

37. Securities/Futures/Options—a. Insider trading; b. Market manipulation/wash trading; c. Misappropriation; d. Unauthorized pooling; z. Other (specify type of suspicious activity in space provided)

38. Mortgage fraud—a. Appraisal fraud; b. Foreclosure fraud; c. Loan modification fraud; d. Reverse mortgage fraud; z. Other

39. Were any of the following instrument/product type(s) involved in the suspicious activity? Check all that apply: a. Bonds/Notes; b. Commercial mortgage; c. Commercial paper; d. Credit card; e. Debit card; f. Forex transactions; g. Futures/Options on futures; h. Hedge fund; i. Home equity loan; j. Home equity line of credit; k. Insurance/Annuity products; l. Mutual fund; m. Options on securities; n. Penny stocks/Microcap securities; o. Prepaid access; p. Residential mortgage; q. Security futures products; r. Stocks; s. Swap, hybrid or other derivative; z. Other (specify type in space provided)

40. Were any of the following instrument type(s)/payment mechanism(s) involved in the suspicious activity? Check all that apply—a. Bank/Cashier's check; b. Foreign currency; c. Funds transfer; d. Gaming instruments; e. Government payment; f. Money orders; g. Personal/Business check; h. Travelers check; i. U.S. Currency; z. Other (specify type in space provided)

41. Commodity type (if applicable)

42. Product/Instrument description (if needed)

43. Market where traded (list of codes will be provided—dropdown menu for electronic filers)

44. IP Address (if available) (multiple entries allowed for electronic filers)

45. CUSIP number (multiple entries allowed for electronic filers)

46. CUSIP number (multiple entries allowed for electronic filers)

Part III—Information About Financial Institution Where Activity Occurred

Part III information would be about the financial institution(s) where the suspicious activity occurred. A separate Part III record would be completed on each financial institution involved in the suspicious activity. The data fields in Part III would be modified and expanded when compared to the current SAR-DI.

*47. Type of financial institution (check only one)—a. Casino/Card club; b. Depository institution; c. Insurance company; d. MSB; e. Securities/Futures; z. Other (specify type of institution in space provided)

*48. Primary Federal Regulator—A = Commodities Futures Trading Commission (CFTC); B = Federal Reserve Board (FRB); C = Federal Deposit Insurance Corporation (FDIC); D = Internal Revenue Service (IRS); E = National Credit Union Administration (NCUA); F = Office of the Comptroller of the Currency (OCC); G = Securities and Exchange Commission (SEC); Z = Not Applicable

49. If item 47a is checked indicate type (Check only one)—a. State licensed casino; b. Tribal authorized casino; c. Card club; d. Other (specify)

50. If item 47e is checked, indicate type of Securities and Futures institution or individual where activity occurred—check box(es) for functions that apply to this report—a. Clearing broker-securities; b. Futures Commission Merchant; c. Holding company; d. Introducing broker-commodities; e. Introducing broker-securities; f. Investment Advisor; g. Investment company; h. Retail foreign exchange dealer; i. Subsidiary of financial/bank holding company; z. Other (specify type of institution or individual in space provided)

51. Financial institution identification number (Check one box to indicate type)—a. (check if) CRD number; b. (check if) IARD number; c. (check if) NFA number; d. (check if) RSSD number; e. (check if) SEC number; f. Identification number

52. Financial institution's role in transaction (if applicable)—a. (check if) Selling location; b. (check if) Paying location; (check if) Both a & b

*53. Legal name of financial institution—a. (check if) unknown

54. Alternate name, e.g., AKA—individual or trade name, DBA—entity

*55. TIN—a. (check if) unknown

56. TIN type (* if 55 is completed)—a. EIN; b. SSN-ITIN; c. Foreign

*57. Address—a. (check if) unknown

*58. City—a. (check if) unknown

59. State

*60 ZIP/Postal Code—a. (check if) unknown

*61. Country

62. Internal control/file number

63. Loss to financial institution (if applicable)

64. Branch's role in transaction (if applicable)—a. (check if) Selling location; b. (check if) Paying location; c. (check if) Both a and b

*65. Address of branch or office where activity occurred—a. (if no branch activity involved, check box a)

66. RSSD number (of the branch)

67. City

68. State

69. ZIP/Postal Code

70. Country (2 letter code—list provided)

Part IV—Filing Institution Contact Information

Part IV information would be about the lead financial institution or holding company that is filing the BSA SAR. There would be only one Part IV record for each filing. Part IV would take fields previously contained in Part I, Part III, and Part IV on the SAR-DI as well as added new fields.

*78. Primary Federal Regulator—A = Commodities Futures Trading Commission (CFTC); B = Federal Reserve Board (FRB); C = Federal Deposit Insurance Corporation (FDIC); D = Internal Revenue Service (IRS); E = National Credit Union Administration (NCUA); F = Office of the Comptroller of the Currency (OCC); G = Securities and Exchange Commission (SEC); Z = Not Applicable

*79. Filer name (Holding company, lead financial institution)

*80. TIN

*81. TIN type—a. EIN; b. SSN/ITIN; c. Foreign

*82. Type of financial institution (check only one)—a. Casino/Card club; b. Depository institution; c. Insurance company; d. MSB; e. Securities/Futures; z. Other (specify type of institution in space provided)

83. Type of Securities and Futures institution or individual filing this report-check box(es) for function(s) that apply to this report—a. Clearing broker—securities; b. CPO/CTA; c. Futures Commission Merchant; d. Holding company; e. Introducing broker—commodities; f. Introducing broker—securities; g. Investment Adviser; h. Investment company; i. Retail foreign exchange dealer; j. SRO Futures; k. SRO Securities; l. Subsidiary of financial/bank holding company; z. Other (specify type of institution or individual in space provided)

84. Filing institution identification number (Check one box to indicate type)—a. (check if) CRD number; b. (check if) IARD number; c. (check if) NFA number; d. (check if) RSSD number; e. (check if) SEC number; f. Identification number

*85. Address

*86. City

87. State

*88. ZIP/Postal Code

*89. Country

90. Alternate name, e.g., AKA—individual or trade name, DBA—entity

91. Internal control/file number

92. LE contact agency

93. LE contact name

94. LE contact phone number—a. Extension (if any)

95. LE contact date

*96. Designated contact office

*97. Designated contact office phone number including area code—a. Extension (if any)

*98. Date filed

Part V—Suspicious Activity Information Explanation/Description

Part V would require the filer to provide a chronological and complete narrative account of the activity, including what is unusual, irregular, or suspicious about the activity. In the BSA-SAR this part would be a text file that is limited to 17,000 characters (approximately six pages). Institutions may, but are not required to, attach an MS Excel-compatible file (no larger than 1 MB) providing details in tabular form of transactions subject to the suspicious activity discussed in the text file.

Type of Review: Regular.

Affected Public: Business, for-profit institutions, and non-profit institutions.

Estimated Number of Respondents: 2,021.

Estimated Total Annual Responses: 424,410.

Estimated Burden per Response: 2.5 hours (includes 1.5 hours burden per response and one hour recordkeeping).

Estimated Total Annual Burden: 1,061,025 hours.

An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless the collection of information displays a valid Office of Management and Budget control number. Records required to be retained under the Bank Secrecy Act and these regulations issued by the Banking Supervisory Agencies must be retained for five years. Generally, information collected pursuant to the Bank Secrecy Act is confidential, but may be shared as provided by law with regulatory and law enforcement authorities.

Comments submitted in response to this notice will be summarized and/or included in the request for Office of Management and Budget approval. All comments will become a matter of public record. Comments are invited on:

(a) Whether the collection of information is necessary for the proper performance of the functions of the OCC, including whether the information shall have practical utility;

(b) The accuracy of the OCC's estimate of the burden of the collection of information;

(c) Ways to enhance the quality, utility, and clarity of the information to be collected;

(d) Ways to minimize the burden of the collection of information on respondents, including through the use of automated collection techniques or other forms of information technology, and

(e) Estimates of capital or start-up costs and costs of operation, maintenance, and purchase of services to provide information.