Yesterday a Department of Treasury Office known in law enforcement as “FinCEN” issued a rare public statement saying it is aware of reports that media outlets are preparing to run news stories based upon illegally leaked “Suspicious Activity Reports” — SARs — that banks are required by law to file with FinCen.

The Financial Crimes Enforcement Network (FinCEN) is aware that various media outlets intend to publish a series of articles based on unlawfully disclosed Suspicious Activity Reports (SARs), as well as other sensitive government documents, from several years ago.  As FinCEN has stated previously, the unauthorized disclosure of SARs is a crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports.  FinCEN has referred this matter to the U.S. Department of Justice and the U.S. Department of the Treasury’s Office of Inspector General.

“FinCEN” is the government agency that receives SARs and CTRs — Currency Transaction Reports — from banks, and then forwards those reports to various federal law enforcement agencies in the location where the bank’s customer is located.  Among the agencies that receive SARs and CTRs are the FBI, IRS, and US Attorney’s Office.  Each federal judicial district has a “committee” which meets periodically — it varies from district to district — to review the SARs and CTRs received, and determine whether there is any basis to conduct a further inquiry into the matters reflected in such Reports.

These are highly sensitive documents and are kept under very tight security.  If you recall, a FinCEN employee was criminally prosecuted after she illegally leaked SARs to a reporter for BuzzFeed News relating to Paul Manafort in October 2017, shortly after the Special Counsel’s Office had taken over the Russia Hoax investigation.  The employee pled guilty earlier this year and is awaiting sentencing.

But there is something important to understand about SARs and how/why they are filed.

There is no established criteria in statutes or regulations about when an SAR must be filed.  CTRs, on the other hand, are very different and there are specific requirements for filling them which I will get to.

A “Suspicious Transaction Report” is to be filed in accordance with the BANK’s POLICY about what the bank considers to be “suspicious” with respect to the banking activities of a particular bank customer.  Each bank is different, and each customer is different, and the application of the policy — to file an SAR or not to file an SAR — is “fact-specific” to each situation.

As a general matter, it is a legal requirement imposed on banks akin to the saying “Know your own customer.”  The banks should have an idea about the kind of banking activities that are normal for a customer based on their historical business practices, and the kind of activities that vary from that customer’s normal business practices, and might thus be considered “suspicious.”

It is not necessary that the action be deemed potentially “illegal” to be deemed “suspicious” — it is only necessary that it be out of the ordinary, and that the transaction satisfies the bank’s internal policy for when it should or should not report a transaction in an SAR.

A simple example makes the point — a bank might have a long-time business customer who regularly receives credit-card deposits into its business account from credit card companies such as Visa or Mastercard, and the daily deposits are generally in the range of $50,000 to $75,000.    If that customer receives a $100,000 incoming wire transfer to the same account from a foreign bank, that transaction will likely trigger an SAR filing. Not because there is anything sinister or illegal about receiving $100,000 from a foreign bank, but simply because the customer does not as a matter of regular banking practices receive such incoming wires from foreign sources.

On the other hand, a company that regularly sells products to foreign customers, and regularly receives payments from foreign customers in the form of incoming wire transfers from foreign banks would not have an SAR filing triggered by their ordinary banking practices.

The “fact” that an SAR is filed tells you nothing about the underlying transaction other than it met the criteria established internally by the bank for when it should or should not file an SAR.

Customers don’t like banks that too freely file SARs because it brings unwanted — and usually unjustified — attention on the customer.  Sometimes federal agents show up and have questions about the transaction when the banking customer has done nothing wrong.  No one likes that kind of scrutiny, and banks sometimes lose customers as a result.  So there are often pressures internally within the bank to not needlessly antagonize customers by filing STRs, but bank management also gets pressure from bank regulators to be diligent about “knowing your customers” in order to file SARs when appropriate.

After an SAR is filed, and FinCEN forwards it to the federal judicial district where the bank customer resides, a review committee looks them over.  As a general matter, they are significant usually only if they relate to someone who is already the subject of an open investigation where their banking transactions are relevant — money laundering, fraud, etc.

When the SAR relates to someone about whom there is no ongoing investigation, there must be something really out of the ordinary about the customer’s activity as explained by the bank for the SAR itself to create a new investigation.  That is extremely rare.

My bank filed an SAR on me while I was an AUSA, and it triggered an IG investigation where I had to sit for an interview.  I had hired a foreign national — legally in the US — to do some work at my house.  He told me he did not have a US bank account, and he wire transferred most of his income to his family in the country where he was from.  He asked me to pay him in cash to make that easier.  I had him sign an appropriate document stating he understood his tax obligations, as well as receipts for every cash payment I made to him.  But because on a couple of occasions my cash withdrawals looked like I might have been taking amounts just under the CTR threshold, my bank filed an SAR with FinCEN indicating I might be engaging in “structuring” which is illegal.  The bank had no knowledge of what I was using the cash for.

The only reason for the SAR was that I didn’t normally withdraw large amounts of cash, and the amounts I was withdrawing on a periodic basis seemed to be intended to avoid the $10,000 CTR triggering threshold.  In the IG interview, I showed the investigators my agreement with the contractor to do the work, the document signed by the contractor about his tax obligations, and the receipts for my payments to him which tracked my cash withdrawals.  That was it.  I never heard from them again.

A CTR is a report filed on ANY transaction that involves an exchange of cash in the amount of $10,000 or more.  It applies to all merchants, not just banks.  There is a process to gain an “exemption” if you regularly engage in a business that generates more than $10,000 cash a day, and your only “transaction” is making cash deposits at your bank that exceed that amount.  There is no “suspicion” involved in a CTR filing – it is just a Treasury tracking method to document such large-dollar transactions conducted with “anonymous” currency which would otherwise leave no paper trail.

Whatever news reports might be in the works — my guess is they concern Donald Trump or Trump, Inc., — understand that SARs alone indicate nothing.

To the extent that is all that is being reported, it’s just “fake news.”

Note: The first version of this story referred to the reports at issue as “STRs” — using the wrong middle letter in the acronym.  The reports in question are “SARs” — “Suspicious Activity Reports” — not “Suspicious Transaction Reports”.   “Transaction” is the middle word in CTRs.  Brain cramp writing in effect.