Additional Efforts Are Needed to Improve the Bank Secrecy
Act Compliance Program
March 2004
Reference
Number: 2004-30-068
This report has cleared the Treasury
Inspector General for Tax Administration disclosure review process and
information determined to be restricted from public release has been redacted
from this document.
March
12, 2004
MEMORANDUM FOR
COMMISSIONER, SMALL BUSINESS/SELF-EMPLOYED DIVISION
FROM: Gordon C. Milbourn III /s/ Gordon C.
Milbourn III
Acting Deputy Inspector
General for Audit
SUBJECT: Final Audit Report - Additional Efforts
Are Needed to Improve the Bank Secrecy Act Compliance Program (Audit # 200330004)
This
report presents the results of our review of the Internal Revenue Service’s
(IRS) Bank Secrecy Act (BSA) Compliance Program. This is one of three Treasury Inspector General for Tax
Administration audit reports on the IRS’ anti-money laundering (AML) and BSA
compliance programs. The overall
objective of this review was to determine
whether the IRS effectively administers a program that ensures compliance with
BSA reporting requirements.
In
summary, the BSA was designed to assist in the detection and prevention of
criminal activity by creating paper trails from financial institutions back to
criminal organizations. It authorizes
the Department of the Treasury to require banks and other financial
institutions to retain designated financial transaction records that the
Secretary deems useful in criminal, tax, and regulatory investigations. In
response to the tragic events of September 11, 2001, the Congress passed and the
President signed into law the United and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT)
Act of 2001. This new law made changes
to the BSA, effectively including financial institutions in the war on
terrorism.
The two
components of the Department of the Treasury with significant responsibilities
for the administration of the BSA are the IRS and the Financial Crimes Enforcement
Network (FinCEN). The Department of the
Treasury relies on the expertise and resources of each bureau to perform the
many functions necessary to carry out the purposes of the BSA.
The authority
to examine Nonbank Financial Institutions (NBFI) for BSA compliance has been
delegated to the IRS pursuant to 31 C.F.R. § 103.56(b)(8) and under
Treasury Directive 15-41 (December 1, 1992).
The IRS is responsible for examining NBFIs for compliance with the BSA’s
reporting, record keeping, and compliance program requirements. NBFIs include the following financial
institutions:
·
Over 160,000 Money
Services Businesses, comprised of such diverse financial service providers as
check cashers; currency exchangers or dealers; issuers, sellers, and redeemers
of traveler’s checks, money orders, and stored value; and money transmitters.
·
Approximately 600
casinos or other gaming organizations located in some 30 states and territories
and on tribal lands.
The events of September 11,
2001, and the enactment of the USA PATRIOT Act increase the significance of the
IRS BSA compliance program. With this
increased focus on compliance with the BSA, it is important for the IRS to
administer its BSA program as efficiently and effectively as possible.
Overall, the IRS has
improved its BSA compliance program since our last review, but the risk of
undetected noncompliance still exists.
Specifically, the program does not have meaningful performance measures,
management information system data are not fully analyzed, and case selection
is not risk-based. Further, cases do
not contain the documentation necessary to assess civil penalties, examiners
cannot access Suspicious Activity Reports (SAR) for better case development,
and education and outreach should be better coordinated with the FinCEN.
We recommended the Director,
Reporting Enforcement, Compliance, Small Business/Self-Employed (SB/SE)
Division, establish measurable performance-based indicators, ensure the
management information system provides useful analytical reports for monitoring
program performance, and develop standardized risk-based case selection
criteria. We also recommended the
Director reinforce the importance of good case documentation, provide
additional instructions and case models, implement a centralized quality review
process, and coordinate with the FinCEN to secure access to SARs. In addition, we recommended the Director,
Taxpayer Education and Communication (TEC), SB/SE Division, coordinate with the
FinCEN on education and outreach strategies to avoid duplication of efforts.
Management’s Response: The
Commissioner, SB/SE Division, agreed with our recommendations. In October 2003, the SB/SE Division began
the process of developing performance measures in accordance with the IRS’
Embedded Quality Measures process.
These program measures will conform to the Balanced Measures
concept. The BSA compliance program has
also added a senior program analyst to analyze and report program results to
the Director, Compliance on a monthly basis.
Additionally, the SB/SE Division Research function is developing a
scoring system, or set of rules, to prioritize the BSA compliance program
workload. The BSA compliance program
hired two technical advisors to assist the field offices with case
quality. Common examination issues will
be periodically published on the AML website.
Management is also participating in a study to measure the effectiveness
of recently conducted training.
The Commissioner, SB/SE
Division, recognized the importance of securing access to SARs for BSA examiners
and revenue agents in the regular examination program and has initiated a
Memorandum of Understanding with the Director of the FinCEN to permit BSA
examiner access. IRS senior executives
will continue to pursue access to SARs for revenue agents in the regular
Examination function. The Director,
TEC, SB/SE Division, has partnered with key FinCEN personnel and will continue
partnering through periodic meetings to discuss priorities and overall
coordination of outreach efforts. The
FinCEN also received a copy of the TEC national AML strategy for Fiscal Year
2004 for review and comment. This helps
ensure the SB/SE Division’s overall AML strategy parallels the FinCEN’s
priorities and prevents duplicative efforts.
Management’s complete response to the draft report is included as
Appendix VI.
Copies of this report are
also being sent to the IRS managers affected by the report
recommendations. Please contact me at
(202) 622-6510 if you have questions or Richard Dagliolo, Acting Assistant
Inspector General for Audit (Small Business and Corporate Programs), at (631)
654-6028.
Measurable Performance Indicators
and Better Use of Management Information System Data Are Needed
Risk-Based Case Selection, Improved Documentation, and Access to Additional Tools Are Needed
Better Coordination With the Financial Crimes Enforcement Network Is Needed
Few Referrals Were Made to the Financial
Crimes Enforcement Network for Civil Penalty Consideration
Appendix
I – Detailed Objective, Scope, and Methodology
Appendix
II – Major Contributors to This Report
Appendix
III – Report Distribution List
Appendix IV –
Bank Secrecy Act Violations and Penalties
Appendix V –
History of the Bank Secrecy Act
Appendix VI
– Management’s Response to the Draft Report
The Bank Secrecy Act (BSA) was
designed to assist in the detection and prevention of criminal activity by
creating paper trails from financial institutions back to criminal
organizations. It authorizes the
Department of the Treasury to require banks and other financial institutions to
retain designated financial transaction records that the Secretary deems useful
in criminal, tax, and regulatory investigations. The two components of the Department of the Treasury with
significant responsibilities for the administration of the BSA are the Internal Revenue Service (IRS) and
the Financial Crimes Enforcement Network (FinCEN). The Department of the Treasury relies on the expertise and
resources of each bureau to perform the many functions necessary to carry out
the purposes of the BSA. See Appendix V
for a brief history and purpose of the BSA.
The authority to examine Nonbank
Financial Institutions (NBFI) has been delegated to the IRS pursuant to 31
C.F.R. § 103.56(b)(8) and under Treasury Directive
15-41 (December 1, 1992). The IRS is
responsible for examining NBFIs for compliance with the BSA’s reporting, record
keeping, and compliance program requirements.
NBFIs include the following financial institutions:
· Over 160,000 Money Services Businesses (MSB), comprised of such diverse financial service providers as check cashers; currency exchangers or dealers; issuers, sellers, and redeemers of traveler’s checks, money orders, and stored value; and money transmitters.
· Approximately 600 casinos or other gaming organizations located in some 30 states and territories and on tribal lands.
The IRS BSA compliance program
has two essential functions: (i) identification
of those financial institutions subject to the BSA requirements (and thus
compliance checks) because they fall within the definitions contained in 31
C.F.R. Part 103 and (ii) performance of an examination, review,
or other type of audit activity to assess compliance with the BSA. An examination also provides the opportunity
to give useful feedback to the financial institution and to assure corrective
action has been taken with respect to any compliance program deficiencies or
any violations of the BSA (e.g., with respect to reports not being filed
timely or records not being maintained).
Examinations for BSA compliance may result in referrals to the Criminal
Investigation (CI) function for tax evasion or money laundering investigations
when appropriate. The results of BSA
compliance efforts by field resources are reported quarterly to the Director,
Reporting Enforcement, Compliance, Small Business/Self-Employed (SB/SE)
Division.
Prior to
September 11, 2001, the BSA was already one of the main Federal laws requiring
monitoring of financial information. In
response to the events of September 11, 2001, the Congress passed and the
President signed into law the United and Strengthening America by Providing
Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT)
Act of 2001. This new law made changes
to the BSA, effectively including financial institutions in the war on
terrorism. The USA PATRIOT Act expands
the Federal Government’s role and gives more monitoring responsibilities to
individual financial institutions. The IRS, as part of its
modernization program, has given responsibility for its BSA compliance efforts
to the SB/SE Division’s Anti-money Laundering (AML) Program.
We performed this audit during the period February through September 2003 in the SB/SE Division’s New Carrollton, Maryland, Headquarters Office and its Los Angeles and San Jose, California; New York, New York; and Philadelphia, Pennsylvania, field offices. The audit was performed in accordance with Government Auditing Standards. Detailed information on our audit objective, scope, and methodology is presented in Appendix I. Major contributors to the report are listed in Appendix II.
In a prior audit report, we described how the IRS needed to improve its program for ensuring compliance with BSA reporting requirements and improve controls over the program to reasonably ensure the achievement of program objectives. The report concluded that without changes there is a significant risk of undetected noncompliance and increasingly inconsistent program delivery. We recommended the IRS:
· Strengthen the oversight of the BSA compliance program.
· Develop and deliver an educational/information package to a larger number of businesses covered by the IRS BSA compliance program.
· Improve field manager accountability for program objectives.
· Establish measurable performance indicators.
· Improve tracking of results.
· Increase the number of IRS employees in the program.
· Ensure BSA examiners receive sufficient training.
During this review, we evaluated the
effectiveness of the IRS’ corrective actions to our recommendations. We determined the IRS has made some changes
to its BSA compliance program in response to our December 2000 audit report,
but risks continue to confront the program.
To strengthen oversight of the BSA compliance program, the IRS
established a national Program Manager position. To educate businesses that might be covered by the IRS BSA
compliance program, the FinCEN, through a contractor, developed and distributed
an education/information package to approximately 10,000 potential MSBs.
To improve field manager accountability, the
BSA established dedicated groups; examiners in these groups will work only AML
cases and managers will be accountable for program results. Prior to the establishment of dedicated
groups, most BSA compliance reviews were collateral assignments.
To improve examiners’ skills, the BSA
compliance program revised its training program and has trained most of the
participants since 2002. Prior to 2002,
the program had not provided training for a number of years. BSA training was provided to approximately
200 examiners in 2002. Training
consisted of basic compliance check classes, specialized classes for casino
compliance checks, and classes for managers.
Dedicated BSA compliance groups should enhance managerial and examiner
skills by working these cases daily.
To increase the number of employees in the
BSA compliance program, the IRS entered into an interagency agreement
with the FinCEN. Hiring of 70
additional examiners and staff began in September 2002.
While these changes have enhanced the BSA
compliance program, our follow-up review determined the IRS did not effectively
implement corrective actions to two recommendations in our December 2000 audit
report.
The BSA compliance
program needs to establish meaningful performance measures and goals
Our December 2000 audit report recommended the BSA program establish measurable performance indicators. To date, though, the BSA compliance program has only one measurable goal: delivery of Direct Examination Staff Years (DESY). To accomplish this goal, the IRS need only assign sufficient personnel to the program to meet the allocated DESYs. There are no other measures for evaluating the program’s performance.
According to the Government Performance and Results Act of 1993 (GPRA), management must establish performance goals to define the level of performance to be achieved by a program activity, and these goals should be stated in an objective, quantifiable, and measurable form. Since DESYs are quantifiable and measurable, they meet this requirement. However, the GPRA also states that performance indicators should be used in measuring or assessing the relevant outputs, service levels, and outcomes of each program activity. The measure of DESYs applied to the BSA compliance program does not assess the relevant outputs or outcomes of the program.
In our December 2000 audit report, we recommended the program establish measurable performance-based indicators for BSA activities in accordance with GPRA guidance. Management responded that there is a misconception about not having performance indicators. According to management’s response,
Management has program expectations and deliverables;
however, the sensitivity over the misuse of statistics may have contributed to
this perception of a lack of indicators.
The mission of our AML program is identification, notification, and enforcement. To accomplish this mission, the Fiscal Year
(FY) 2001 plan includes 173 full time employees devoted to the AML program
nationwide.
We
continue to believe the IRS should establish performance measures that gauge
the program’s activities and productivity.
For instance, goals should measure more than the delivery of DESYs or
the number of cases closed. Rather,
goals should measure case results and their cumulative effect on
compliance. Once appropriate measures are chosen, they should act as a common focus
for management to target problem areas, highlight successes, and generally
increase the rate of performance improvement through enhanced learning.
While measures have value as stand-alone
indicators, they are typically used together to present a more complete picture
of key mission delivery processes.
Without performance measures, managers often have great difficulty
getting results from information systems because they cannot define their needs
precisely. These types of
measures would assist management in determining whether resources are
efficiently applied, methods for case selection are effective, and the
program’s efforts are positively affecting compliance.
Management Information System (MIS) data needs to be used more effectively
Analysis of MIS data could help determine the effectiveness of the BSA compliance program. However, the MIS contained inaccurate data. The main function of the stand-alone MIS in FY 2002 was to count cases and contacts. That MIS did not capture time spent on cases. A new MIS was implemented at the end of FY 2003. AML coordinators were still testing this new MIS at the end of our audit fieldwork in September 2003. The new MIS is designed to capture more information than the previous MIS.
According to the General Accounting Office (GAO) Executive Guide for Improving Performance Through Strategic Information Management and Technology (GAO/AIMD-94-115, dated May 1994), agencies need to provide MIS capabilities that support operational performance reporting. Standard measurement practices focus on benefits, costs, and risks. In most cases, this includes program outcomes, resource consumption, and elapsed time (i.e., cycle time) of specific work processes, activities, or transactions. Because of inadequacies in the previous BSA compliance program MIS, managers could not determine the performance of the program.
In FY 2002, the MIS data consisted of each Area Office furnishing a report to the SB/SE Division Headquarters Office showing the number of cases closed and violations identified. These reports were then rolled up into a national report showing nationwide results. We did not identify analysis that compared differences in Area Office effectiveness.
To evaluate the program’s effectiveness, we analyzed the number of cases closed and the number of cases with violations. We also selected a judgmental sample of cases from three Area Offices and identified the time spent on these cases. Figure 1 shows the results of our review.
|
Description |
Area Office A |
Area Office B |
Area Office C |
|---|---|---|---|
|
Total
BSA Cases Closed in FY 2002 |
48 |
77 |
412 |
|
Cases
With Violations |
24 |
8 |
45 |
|
Percentage
of Cases With Violations |
50% |
10% |
11% |
|
Cases
Reviewed by the TIGTA |
24 |
27 |
25 |
|
Cases
With Time Documented on the Examiner’s Activity Record |
23 |
2 |
25 |
|
Total
Hours Spent |
1,392 |
141 |
2,181 |
|
Average
Hours Per Case Reviewed |
61 |
71 |
87 |
|
Cases
With Violations From the TIGTA’s Sample |
14 |
0 |
1 |
Source: BSA
compliance program reports and TIGTA analysis of 76 BSA compliance cases.
Note: Area Office B did
not have a full-time AML group. Area
Office A had 14 full-time examiners, and Area Office C had 12 full-time examiners.
This analysis is an example of information that would be useful to management in determining the results of resources applied to the BSA compliance program. Analysis of information on cases closed and cases with violations would assist management in measuring productivity. While these indicators need not be used to measure individual examiner performance, they are useful in determining best practices and identifying areas for improving the program.
For example, our analysis determined Area Office A identified violations in 50 percent of the cases it closed, while Area Offices B and C identified violations in only 10 and 11 percent of their cases, respectively. This type of analysis might lead management to try to determine why more violations are not being identified in Area Offices B and C.
Additionally, Area Office C accounted for 76 percent of cases closed in FY 2002 for all 3 Area Offices combined, which might lead management to determine why more cases are not being worked in Area Offices A and B.
The prior MIS did not capture time charged on cases. Each examiner should document the amount of time spent on a case in the case file, but time is not charged to individual cases on time reports. For the cases in our sample, we determined the average hours spent on cases in Area Office C from our sample cases were 26 and 16 hours more than for Area Offices A and B, respectively.
Also, statistics relating to the number of referrals to the FinCEN for civil penalty consideration and referrals to the CI function were incorrect. AML coordinators submitted quarterly results to the IRS Headquarters, where results were compiled into a nationwide summary. According to the FY 2002 activity report, the BSA compliance program referred seven cases to the CI function and seven cases to the FinCEN. In our efforts to identify these cases, we found that both numbers were incorrect.
Management told us that coordinators made errors in the quarterly reporting and reduced referrals to the CI function to three and referrals to the FinCEN to two. We did not verify receipt of these two cases by the FinCEN but accepted the IRS’ claim of two referrals because it provided additional supporting information. An improved MIS could help eliminate future discrepancies.
Performance data should be useful, accurate, and timely for managing the program. MIS data should be as useful as possible. Without adequate MIS information, the IRS cannot effectively manage and monitor this program.
The Director, Reporting
Enforcement, Compliance, SB/SE Division, should:
1.
Establish measurable performance-based indicators for the
BSA program.
Management’s Response: In October 2003,
the SB/SE Division began the process of developing measures in accordance with
the IRS Embedded Quality Measures process.
A team met to develop AML Program measures that conform to the Balanced
Measures concept.
2.
Ensure the new MIS provides accurate and useful information
and analytical reports for better managing the BSA compliance program.
Management’s Response: A senior program
analyst was added to the BSA compliance program staff and conducted analyses
for FY 2003 and the first quarter of FY 2004.
These analyses were provided to the Director, Compliance, SB/SE
Division, and additional analyses will be provided on a monthly basis.
Although the IRS recently made several changes to the BSA compliance program, there continues to be significant risk of undetected noncompliance and inconsistent program delivery. Based on our review of a judgmentally selected sample of 76 cases from 3 Area Offices, standard case selection criteria are not used, cases are not properly documented, and potential noncompliance information is not available.
No standard criteria exist for selecting BSA compliance cases
We did not identify any standard criteria for case selection or follow-up compliance visits. AML coordinators use their own criteria to select cases from an inventory of NBFIs maintained on a database at the IRS Detroit Computing Center. None of the locations we visited used a standard case selection process.
Per the IRS Strategic Plan 2000-2005, the IRS has limited resources. Therefore it is essential that it apply them where they will be of the most value in reducing noncompliance while ensuring fairness, observing taxpayer rights, and reducing the need to burden those who do comply. A risk-based, data-driven process to select the potentially most noncompliant MSBs for compliance checks could be a more effective selection method than the current processes.
Management has not established case selection criteria. Developing a risk-based case selection process will assist in maximizing the IRS’ use of resources. Since resources for this program are limited, the resources need to be applied to areas with the most potential for noncompliance. For instance, follow-up visits could be mandatory for cases in which violations are identified. One coordinator stated there is no time for follow-up visits.
Since there are no criteria for case selection, it is possible that the cases with the most potential are not being selected. A risk-based selection process would help ensure cases with the most potential are included in the compliance program.
Cases do not contain the documentation necessary to assess
civil penalties
Review of our judgmental sample of closed cases from three Area Offices determined that documentation frequently did not meet IRS guidelines. In one Area Office, cases were well documented. However, cases in the other two Area Offices did not contain documentation to show the work performed to arrive at the compliance review determination. In some BSA compliance checks, the IRS determines the compliance deficiencies warrant the assessment of civil penalties. These cases are referred to the FinCEN for penalty consideration. The FinCEN has the authority to assess civil penalties for BSA violations by MSBs. Appendix IV presents BSA violations and the associated penalties the FinCEN may assess. In addition, the CI function can initiate investigations when criminal activity is involved.
IRS guidelines clearly outline case documentation requirements. Figure 2 provides the results of our review of documentation for the 76 cases.
Documentation Required by the Internal Revenue
Manual (IRM)
|
Present
|
Missing
|
|---|---|---|
|
CI Function Clearance |
17 |
59 (78%) |
|
Appointment Letter Used to
Contact the NBFI |
43 |
33 (43%) |
|
Information Document
Request (Form 4564) |
38 |
38 (50%) |
|
Case Activity Record Used
to Record Case History |
70 |
6 (8%) |
|
Examination Information
Report (Form 5346) |
15 |
61 (80%) |
|
Continuation of
Examination Workpapers (Form 4318 A) |
29 |
47 (62%) |
|
Memoranda of Interviews |
6 |
70 (92%) |
|
Supporting Workpapers |
51 |
25 (33%) |
Source: TIGTA analysis of 76 BSA compliance cases.
In
the Area Office in which cases were well documented, there were more instances
of violations identified. Specifically:
·
Area Office A
cases were well documented and examiners identified violations in 14 of 24
cases.
The BSA compliance program also does not have a centralized quality review function to assess case development and identify national issues and trends. One result of poor case documentation is that most cases referred to the FinCEN for civil penalty consideration are not assessed penalties. Of the 3,373 cases examined in FY 2002, only 2 were referred to the FinCEN for civil penalty consideration, and no penalties were assessed. In discussions with FinCEN representatives, we were advised that poor case documentation is a major reason why civil penalties are not being assessed.
Examiners do not have access to Suspicious Activity Reports (SAR)
BSA examiners and revenue agents (RA) in IRS Examination groups do not have access to all of the tools that, in our opinion, should be available for their use during BSA and income tax examinations. Specifically, BSA examiners and other RAs do not have access to SARs. Certain MSBs are required to report suspicious activity; they are to file SARs when transactions that are conducted by, at, or through the MSBs are both suspicious and $2,000 or more.
At the IRS, only CI function employees have access to SARs. The SARs are the property of the FinCEN, but they are accessible to law enforcement functions in certain agencies. For BSA examiners, case development may be incomplete without SAR information. For RAs, SARs may provide leads for additional areas and issues to review during income tax examinations. According to FinCEN personnel, there are legal issues that must be addressed before granting additional IRS employees access to SARs. FinCEN representatives, however, were agreeable to granting this access for BSA examiners. Granting this access to RAs would be beneficial to tax administration.
Without access to this additional case-building tool, employees may not be able to adequately develop and document cases, and the FinCEN may be unable to assess civil penalties when warranted. Access to SARs would allow BSA examiners and RAs to better plan and conduct compliance checks and income tax examinations.
The Director, Compliance Enforcement, SB/SE Division,
should:
3.
Develop
standard risk-based case selection criteria that would provide minimum
requirements and parameters for case selection.
Management’s Response: The SB/SE
Division Research function is developing a scoring system, or set of rules, to
prioritize workload by using Currency Banking Retrieval System data. Until the scoring system is implemented, AML
coordinators will receive additional oversight to ensure BSA compliance checks
are initiated on a risk basis.
4.
Reinforce the importance of case documentation with
specific instructions or case models and implement a centralized quality review
process.
Management’s Response: Two technical
advisors were hired to assist with case quality. Since reporting in July 2003, these new advisors have reviewed
cases in process to provide feedback and assisted in Area Office operational
reviews. A periodic publication will
also be added to the AML web site to address common examination issues. A centralized quality review process is part
of the embedded quality measures process initiated in October 2003.
5.
Coordinate
with the FinCEN to secure BSA examiner and RA access to SARs.
Management’s Response: The Commissioner,
SB/SE Division, has initiated a Memorandum of Understanding with the Director
of the FinCEN to permit BSA examiners access to SARs for the purpose of MSB
compliance checks. IRS senior
executives will continue to pursue access to SARs for RAs in the regular
examination program.
In Calendar Year 2002, through a contractor, the FinCEN conducted a major outreach and education initiative to approximately 10,000 businesses. The FinCEN’s contractor was to identify and contact potential MSBs via mail. These businesses were not registered as MSBs but may have conducted business requiring registration. In FY 2002, the IRS was also conducting visits to approximately 2,200 businesses in an attempt to identify MSBs and educate these businesses about the BSA requirements. IRS officials did not receive a list of the approximately 10,000 businesses included in the FinCEN’s education and outreach effort until October 2002.
Since the IRS did not know which businesses the FinCEN contacted, the IRS may have duplicated the FinCEN’s educational and outreach efforts. Without improved coordination between the FinCEN and the IRS, there is continued potential for duplication. If coordination between the IRS and the FinCEN had been more effective, IRS resources spent on education visits could have been put to better use.
In FY 2003 the IRS transferred education and communication responsibilities from the BSA compliance program to its Taxpayer Education and Communication (TEC) function. The TEC function hired six AML Specialists for these purposes. Although registration of MSBs required to report and maintain records under the BSA is now a shared responsibility between the BSA compliance program and the TEC function, BSA examiners are no longer performing one-on-one education visits. AML coordinators, however, continue to research various sources, such as the Internet and telephone directories, to identify potential MSBs requiring registration. Additionally, during BSA compliance checks, examiners ask MSB personnel about competitors and then determine if they are appropriately registered.
According to the FY 2002 President’s Management Agenda (PMA), Federal agencies must find disciplined and focused approaches to address waste. This is a long-standing and substantial challenge. Federal agencies must take the steps necessary to become high-performing organizations. An expected result of the PMA is that organizations burdened with overlapping functions work more harmoniously. It is important that the IRS and the FinCEN coordinate to avoid duplication of efforts.
6.
The
Director, TEC, SB/SE Division, should coordinate with
the FinCEN on all education and outreach efforts.
Management’s Response: The Director,
TEC, developed a comprehensive national AML strategy for FY 2004 and shared
this strategy with the FinCEN. This
plan will help ensure the key components of the SB/SE Division’s overall AML
strategy parallel the FinCEN’s priorities and prevent duplicative efforts. In addition, the TEC function AML monthly
contact report captures information about outreach events and is shared with
the FinCEN to keep the FinCEN apprised of the TEC function’s efforts.
For some BSA compliance checks, the IRS determines that the compliance deficiencies warrant the assessment of civil penalties. These cases are referred to the FinCEN for penalty consideration. The FinCEN has the authority to assess civil penalties for BSA violations by MSBs. In FY 2002, examiners in the BSA compliance program conducted approximately 3,400 compliance checks. Of these, only three were referred to the CI function for potential criminal investigation, and two were referred to the FinCEN for civil penalty consideration.
In our opinion, a total of only two referrals to the FinCEN appears low considering the number of compliance checks performed. With such a low referral rate, it is reasonable to assume there is some undetected noncompliance. According to IRS personnel, BSA examiners are reluctant to submit cases to the FinCEN for civil penalty consideration because they believe the FinCEN rarely assesses them on MSBs.
From our discussions with AML coordinators and IRS managers, we concluded there is a perception among examiners that there is no need to refer cases to the FinCEN because the FinCEN does not assess penalties. If this perception is pervasive among examiners, civil penalties will not be assessed on legitimate cases warranting them. On the other hand, FinCEN officials told us that, because of poor case documentation and inadequate evidence, the referred cases do not provide the information necessary for assessing civil penalties.
In our opinion, examiners should develop cases to their full potential and make the necessary referrals without regard to their perception of the FinCEN. The FinCEN has the authority to assess these penalties, and the IRS has the responsibility to provide the necessary information for penalty consideration. Declining to refer cases to the FinCEN because it does not assess penalties results in inadequate enforcement of BSA regulations and allows abusive MSBs to remain noncompliant.
We believe if the IRS effectively implements the recommendations in the preceding sections of this report, the number of cases referred to the FinCEN for civil penalty consideration should increase.
Appendix I
Detailed Objective, Scope,
and Methodology
The overall objective of our audit was to determine whether the Internal Revenue Service (IRS) effectively administers a program that ensures compliance with Bank Secrecy Act (BSA) reporting requirements. To accomplish this objective, we:
B.
Determining
whether the SB/SE Division established appropriate performance-based indicators
in accordance with the Government Performance and Results Act of 1993 (GPRA).
C. Determining whether the SB/SE Division significantly expanded the information available to BSA-covered businesses by developing and delivering education/information packages to all identified or potential BSA reporting entities.
D. Determining whether the selection process for BSA managers and examiners provides the appropriate resources to the program.
E.
Determining whether the BSA compliance program
Management Information Systems provide meaningful and useful information for
effectively managing the program.
II.
Determined
whether the IRS efficiently and effectively planned for and implemented BSA
compliance program changes to address new reporting requirements contained in
the United and Strengthening
America by Providing Appropriate Tools Required to Intercept and Obstruct
Terrorism (USA PATRIOT) Act of 2001.
A. Determined the new BSA reporting requirements in the USA PATRIOT Act.
B. Determined the extent and quality of coordination between the IRS and the Financial Crimes Enforcement Network (the IRS’ key partner) in planning and executing the IRS BSA compliance program.
A. Interviewed management to discuss and review the process for identifying covered businesses.
B. Determined whether new procedures were developed to better identify potential terrorist-related activity connected with noncompliance by NBFIs.
C. Obtained and reviewed procedures and guidelines for performing compliance checks.
D. Assessed the quality of compliance checks by selecting a judgmental sample of 76 cases from 3 Area Offices and reviewing case files.
E. Analyzed compliance visit results to determine the impact of the compliance program.
F.
Determined
follow-up visit requirements, if any.
G. Determined whether additional data-driven criteria could be applied to better focus BSA compliance efforts.
Appendix II
Major Contributors to This Report
Richard Dagliolo, Acting Assistant Inspector
General for Audit (Small Business and Corporate Programs)
Parker F. Pearson, Director
Philip Shropshire, Director
Preston Benoit, Audit Manager
Cynthia Dozier, Senior Auditor
James S. Mills, Jr., Senior Auditor
Erlinda Foye, Management Analyst
Appendix III
Commissioner C
Office of the Commissioner – Attn: Chief of Staff C
Deputy Commissioner for Services and Enforcement SE
Acting Deputy Commissioner, Small Business/Self-Employed Division SE:S
Acting Director, Compliance, Small Business/Self-Employed Division SE:S:C
Director, Taxpayer
Education and Communication, Small Business/Self-Employed Division SE:S:T
Chief Counsel CC
National Taxpayer
Advocate TA
Director, Office of
Legislative Affairs CL:LA
Director, Office of
Program Evaluation and Risk Analysis
RAS:O
Office of
Management Controls OS:CFO:AR:M
Audit Liaisons:
Commissioner, Small Business/Self-Employed Division SE:S
Deputy Director, Compliance Policy, Small Business/Self-Employed Division SE:S:C:CP
Appendix IV
Violation
|
Persons Subject to Penalty |
Penalty |
Authority |
|---|---|---|---|
|
Failure to comply
with any record keeping requirement for a financial institution except |
§
Any domestic financial
institution. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
Not to exceed
$1,000. |
31 U.S.C. § 5321(a)(1);
12 U.S.C. |
|
Failure to comply
with requirements to report transportation of monetary instrument (CMIR)
found in |
§
Any domestic financial
institution. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
Up to the amount of
the currency or monetary instruments transported, mailed, or shipped less any
amount forfeited under the authority of 31 C.F.R. |
31 U.S.C. § 5321(a)(2); 31 C.F.R. |
|
Failure to
comply with any reporting requirement for financial institutions, including
report retention requirements.
Exceptions: §
Failure to report a
foreign account 31 U.S.C. § 5314; §
Failure to report a
transaction with a foreign financial agency 31 U.S.C. § 5315; |
§
Any domestic financial
institution. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
Not to exceed the
greater of: the amount involved in the transaction (not to exceed $100,000)
or $25,000. |
31 U.S.C. § 5321(a)(1); 31 C.F.R. |
|
Any violation of 31 U.S.C. |
Any person. |
§
Not to exceed the
amount of coins and currency involved in the transaction with respect to
which such penalty is imposed. §
The amount of any
civil penalty assessed shall be reduced by the amount of any forfeiture in
connection with the transaction for which the penalty was imposed. |
31 U.S.C. §
5321(a)(4); 31 C.F.R. |
|
Failure to report a
foreign account under 31 C.F.R. § 103.24 or
maintain related records under |
Any person. |
Not to exceed the
greater of: an amount equal to the balance of the account at the time of the
violation (not to exceed $100,000) or $25,000. |
31 U.S.C. § 5321(a)(5); 31 C.F.R. |
|
Failure to report a
transaction with a foreign financial agency required by 31 C.F.R. § 103.25. |
Any person. |
Not to exceed the
greater of: the amount (not to exceed
$100,000) of the transaction or $25,000. |
31 U.S.C. § 5321(a)(5); 31 C.F.R. |
|
Failure to
comply with any requirement of 31 U.S.C. § 5330 or 31
C.F.R. § 103.41, that is registration of money
services businesses. This includes
failure to retain a copy of the registration. |
Any person who is
required to comply. This includes any
person who owns up to 5 percent of corporate stock, a partner, or other owner
of a money services business. |
Up to $5,000 per day per violation. |
31 U.S.C. |
|
Failure to
comply with a geographic targeting order issued under 31 U.S.C. § 5326;
|
§
Any domestic financial
institution. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
The penalties are
the same as those for record keeping and reporting violations in general. |
31 U.S.C. |
|
Failure to comply
with any special measures order issued under |
§
Any domestic financial
institution. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
An amount equal to
not less than 2 times
the amount of the transaction but not more than $1,000,000. |
31 U.S.C. § 5321(a)(7); 31 C.F.R. |
|
Failure to
comply with the information sharing rules required by Sec. 314 of the USA
PATRIOT Act and found at |
§
Any financial
institution defined in 31 C.F.R. § 103.110. §
Any partner, director,
officer, or employee who willfully participates in the violation. |
$25,000 per day. |
31 U.S.C. § 5321(a)(1); 31 C.F.R. |
|
Failure to
establish a compliance program under 31 U.S.C. |
§
Any financial
institution defined in 31 U.S.C. § 5312(a). §
Any partner, director,
officer, or employee who willfully participates in the violation. |
$25,000 per day. |
31 U.S.C. § 5321(a)(1); 31 C.F.R. |
|
Failure to comply
with due diligence requirements for banks, brokers, and some other financial
institutions set forth at 31 U.S.C. § 5318(i)
and at 31 C.F.R. |
§
Any financial
institution included in 31 U.S.C. § 5318(i). §
Any partner, director,
officer, or employee who willfully participates in the violation. |
An amount equal to not less than 2 times the amount of the transaction but not more than $1,000,000. |
31 U.S.C. § 5321(a)(7);
31 C.F.R. |
Appendix V
In October 1970, in response to
evidence from the United States (U.S.) law enforcement community that bank
secrecy was impeding the investigation of organized crime and other criminal
activities, the Congress enacted legislation commonly referred to as the Bank
Secrecy Act (BSA). The BSA is designed
to assist in the detection and prevention of criminal activity by creating a paper
trail from financial institutions back to the criminal organization. It authorizes the Department of the Treasury
to require banks and other financial institutions to retain designated
financial transaction records that the Secretary deems useful in criminal, tax,
and regulatory investigations. The BSA
also authorizes the Secretary to require financial institutions and, in some
cases, other businesses and private citizens, to file reports on a wide variety
of financial transactions that establish and preserve a financial trail for
investigators to follow as they track criminals, their activities, and their
assets.
Since 1970, the BSA has been
amended a number of times to give the Department of the Treasury a wider
variety of regulatory tools to combat money laundering. In 1986, money laundering was made a crime
in its own right in recognition of the growth and seriousness of the
problem. In 1992, the Secretary was
authorized to promulgate regulations requiring financial institutions to
establish anti-money laundering programs.
Currently, many types of financial institutions are subject to
regulations promulgated under the BSA, including:
·
Approximately 24,000 depository institutions, including
state and Federally chartered commercial banks, savings banks and other
thrifts, and credit unions.
· An estimated 160,000 Money Services Businesses, comprised of such diverse financial providers as check cashers; currency dealers or exchangers; issuers, sellers, and redeemers of traveler’s checks, money orders, and stored value; and money transmitters.
· Some 40,000 U.S. Post Office sites.
· Approximately 600 casinos or other gaming organizations located in some 30 states and territories and on tribal lands.
· Approximately 5,000 securities firms.
· An undetermined number of other entities, such as insurance companies, that may become subject to the BSA regulations under BSA § 5312 or as a result of the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001.
The BSA authorizes the Secretary of the Treasury, inter alia, to issue regulations requiring financial institutions and other persons to keep records; file reports that are determined to have a high degree of usefulness in criminal, tax, regulatory, intelligence, and counter-terrorism matters; and implement counter-money laundering programs and compliance procedures. The two components of the Department of the Treasury with significant responsibilities for the administration of the BSA – which is part of the substantial role they both play in the fight against many forms of financial crime – are the Internal Revenue Service (IRS) and the Financial Crimes Enforcement Network. The Department of the Treasury relies on the expertise and resources of each bureau to perform the many functions necessary to carry out the purposes of the BSA.
The financial information
reported on BSA forms is used by law enforcement as one of many tools to follow
the money trail and build investigations.
Over time, the BSA has become an important tool in the fight against
money laundering and, with passage of the USA PATRIOT Act, a vital part of the
effort to cut off and disrupt the financial infrastructure of international
terrorism. Thus the IRS, with both
civil and criminal divisions, is in the unique position of being a consumer of
BSA information as well as playing an important role in administering the
regulatory infrastructure that produces it.
Appendix VI
The response was
removed due to its size. To see the
response, please go to the Adobe PDF version of the report on the TIGTA Public
Web Page.