TopMortgage Compliance Update (1)

March 21, 2012


FinCEN: SAR Confidentiality

Banging Head Let us help!
Isn't it time to bring in the professionals? 
Contact Us-1-Beveled-160

Website Forums


CFPB Forum-CC-1  

OCC News Forum-CC-(134x134)  

Mortgage Compliance Forum-Main  

Dodd-Frank Forum-CC-1  

NMLS Users Forum-CC-1  

FHA Forum-CC-1  

Veterans Mortgage Forum-Main  


About Us-Website-LCG(160x27)-1
Contact Us-Website-LCG(160x27)-1

On March 2, 2012, FinCEN issued an Advisory about SAR Confidentiality, especially with respect to unauthorized SAR disclosure.

On April 16, 2012, for the first time, the Financial Crimes Enforcement Network (FinCEN), will require nonbank mortgage lenders and originators to implement an Anti-Money Laundering program (AML Program) and file Suspicious Activity Reports (SARs) for certain loan transactions. 

FinCEN is establishing this AML Program in accordance with the Bank Secrecy Act (BSA).

The guidelines relating to the AML Program requirement become effective on April 16, 2012, and the AML Program's effective compliance date is August 13, 2012.

I notified you about the AML program in our newsletter of March 13, 2012.

I also gave you access to my recent article that covers the AML Program and its required components; Suspicious Activity Reports and the filing requirements; Record Retention; Examination expectations; and, FinCEN Examination readiness.

The published article, entitled Anti-Money Laundering Debuts for Nonbanks, may be downloaded from our website.

In this newsletter, I would like to provide some information regarding this recent FinCEN Advisory regarding SAR confidentiality.


Jonathan Foxx
President & Managing Director
 In This Newsletter-1 
FinCEN's Advisory (Advisory) is directed at financial institutions and the lawyers that advise them of the requirement to maintain the confidentiality of Suspicious Activity Reports (SARs).

The Advisory has been issued because FinCEN is concerned that an increasing number of private parties, who are not authorized to know of the existence of filed SARs, are seeking SARs from financial institutions for use in civil litigation and other matters.

Financial institutions, and their current and former directors, officers, employees, agents, and contractors, are prohibited from disclosing SARs, or any information that would reveal the existence of a SAR.

Due to an escalation in the number of requests for use of SARs in private litigation, FinCEN believes there may be an increased potential of an unauthorized SAR disclosure. This is especially true when external counsel is unfamiliar with the regulations covering SAR confidentiality.

It is important to mention that financial institutions, and their current and former directors, officers, employees, agents, and contractors could be subject to civil and criminal penalties for the unauthorized disclosure of a SAR.
The general reason for not disclosing SAR information is that unauthorized disclosure of SARs could undermine ongoing and future investigations by tipping off suspects, deterring financial institutions from filing SARs, and threatening the safety and security of institutions and individuals who file such reports.

Therefore, disclosure of SARs compromises the essential role SARs are purported to play in "protecting the financial system and in preventing and detecting financial crimes and terrorist financing."

According to FinCEN, the success of the SAR reporting system depends upon the financial sector's confidence that these reports will be appropriately protected.
First: let us be clear, the unauthorized disclosure of a SAR is a violation of federal law.

Both civil and criminal penalties may be imposed for SAR disclosure violations.

With respect to civil and criminal monetary penalties, violations may be enforced through civil penalties of up to $100,000 for each violation and criminal penalties of up to $250,000 - which may include imprisonment not to exceed five years.

Second: financial institutions could be liable for civil monetary penalties resulting from anti-money laundering program deficiencies (i.e., internal controls, training, et cetera) that led to the SAR disclosure. Such penalties could be up to $25,000 per day for each day the violation continues.

Third: FinCEN works with regulatory agencies, law enforcement, self-regulatory organizations, and financial institutions to take appropriate action for unauthorized disclosures of SARs.

And incidents involving possible unauthorized SAR disclosures are investigated, with appropriate action taken for violations of the law.
All employees, agents, and individuals appropriately entrusted with information in a SAR should be informed about the individual obligation to maintain SAR confidentiality. This obligation applies not only to the SAR itself, but also to information that would reveal the existence (or non-existence) of the SAR. Likewise, such persons should be informed of the consequences for failing to maintain such confidentiality, which could include civil and criminal penalties.

I would strongly recommend that ongoing training for all employees cover the consequences of unauthorized SAR disclosures - and training in SAR compliance is required in the AML Program itself! Furthermore, financial institutions should remind their counsel of the strict requirements of SAR confidentiality.

Risk-based measures to enhance the confidentiality of SARs should be included in the AML Program and related policies and procedures, among other appropriate security measures.

Such measures should include limiting access on a "need-to-know" basis, restricting areas for reviewing SARs, logging of access to SARs, using cover sheets for SARs or information that reveals the existence of a SAR, or providing electronic notices that highlight confidentiality concerns before a person may access or disseminate the information.
Contact FinCEN's Office of Chief Counsel at (703) 905-3590 if:
  • An employee or the financial institution becomes aware of an unauthorized disclosure of a SAR.
  • The company receives a subpoena or other request for a SAR from other than an authorized government authority or self-regulatory organization as defined in the applicable SAR regulations.
Additionally, an institution may be required to contact its primary federal regulator, as applicable.
  Professional AssistanceLCG 
Contact Us-2
Law Library Image

SAR Confidentiality Reminder
for Internal and External Counsel of Financial Institutions
March 2, 2012
Suite of ServicesSuite
LENDERS COMPLIANCE GROUP is the first full-service, mortgage risk management firm in the United States specializing exclusively in outsourced mortgage compliance and offering a full suite of services in residential mortgage banking for banks and non-banks.

Pioneers in outsourcing solutions for mortgage compliance. 

Professional guidance and support to financial institutions!  

Mortgage Compliance
CFPB Examination Preparation
Anti-Money Laundering Compliance
Legal and Regulatory Compliance
State Banking Examinations
HUD/FHA Examinations
Loan Originator Compensation
Licensing Compliance
HMDA/CRA and Fair Lending
Information Technology & Security
Training and Education
Quality Control
Prefunding Fannie LQI Audits
Platform Development
Retail and Wholesale Compliance
Correspondent Compliance
Servicer Compliance
Affiliates Compliance (RESPA)
Business Development
Advertising Compliance
Loss Mitigation Strategies
Forensic Mortgage Services
Sarbanes-Oxley Compliance (Part 404)
Audit and Due Diligence Reviews
Regulatory and Sales Training
Portfolio Risk Management
Credit Risk Management
Loan Analytics Audits
Compliance Audits
Policies and Procedures
Due Diligence Reviews
Portfolio Purchase Audits
GSE Applications
Ginnie Mae Applications

This communication is sent to our valued clients and colleagues, who regularly receive our Mortgage Compliance Updates, Compliance Alerts, Commentaries, and related publications.

These publications are free to subscribers. Information contained herein is not intended to be and is not a source of legal advice.

� 2006-2012 Lenders Compliance Group, Inc. All Rights Reserved.