Additional Efforts Are Needed to Improve the Bank Secrecy Act Compliance Program

 

March 2004

 

Reference Number:  2004-30-068

 

 

This report has cleared the Treasury Inspector General for Tax Administration disclosure review process and information determined to be restricted from public release has been redacted from this document.

 

March 12, 2004

 

 

MEMORANDUM FOR COMMISSIONER, SMALL BUSINESS/SELF-EMPLOYED DIVISION

 

FROM:     Gordon C. Milbourn III /s/ Gordon C. Milbourn III

                 Acting Deputy Inspector General for Audit

 

SUBJECT:     Final Audit Report - Additional Efforts Are Needed to Improve the Bank Secrecy Act Compliance Program  (Audit # 200330004)

 

This report presents the results of our review of the Internal Revenue Service’s (IRS) Bank Secrecy Act (BSA) Compliance Program.  This is one of three Treasury Inspector General for Tax Administration audit reports on the IRS’ anti-money laundering (AML) and BSA compliance programs.  The overall objective of this review was to determine whether the IRS effectively administers a program that ensures compliance with BSA reporting requirements.

In summary, the BSA was designed to assist in the detection and prevention of criminal activity by creating paper trails from financial institutions back to criminal organizations.  It authorizes the Department of the Treasury to require banks and other financial institutions to retain designated financial transaction records that the Secretary deems useful in criminal, tax, and regulatory investigations.  In response to the tragic events of September 11, 2001, the Congress passed and the President signed into law the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001.  This new law made changes to the BSA, effectively including financial institutions in the war on terrorism.

The two components of the Department of the Treasury with significant responsibilities for the administration of the BSA are the IRS and the Financial Crimes Enforcement Network (FinCEN).  The Department of the Treasury relies on the expertise and resources of each bureau to perform the many functions necessary to carry out the purposes of the BSA.

The authority to examine Nonbank Financial Institutions (NBFI) for BSA compliance has been delegated to the IRS pursuant to 31 C.F.R. § 103.56(b)(8) and under Treasury Directive 15-41 (December 1, 1992). The IRS is responsible for examining NBFIs for compliance with the BSA’s reporting, record keeping, and compliance program requirements.  NBFIs include the following financial institutions:

·        Over 160,000 Money Services Businesses, comprised of such diverse financial service providers as check cashers; currency exchangers or dealers; issuers, sellers, and redeemers of traveler’s checks, money orders, and stored value; and money transmitters.

·        Approximately 600 casinos or other gaming organizations located in some 30 states and territories and on tribal lands.

The events of September 11, 2001, and the enactment of the USA PATRIOT Act increase the significance of the IRS BSA compliance program.  With this increased focus on compliance with the BSA, it is important for the IRS to administer its BSA program as efficiently and effectively as possible.

Overall, the IRS has improved its BSA compliance program since our last review, but the risk of undetected noncompliance still exists. Specifically, the program does not have meaningful performance measures, management information system data are not fully analyzed, and case selection is not risk-based.  Further, cases do not contain the documentation necessary to assess civil penalties, examiners cannot access Suspicious Activity Reports (SAR) for better case development, and education and outreach should be better coordinated with the FinCEN.

We recommended the Director, Reporting Enforcement, Compliance, Small Business/Self-Employed (SB/SE) Division, establish measurable performance-based indicators, ensure the management information system provides useful analytical reports for monitoring program performance, and develop standardized risk-based case selection criteria.  We also recommended the Director reinforce the importance of good case documentation, provide additional instructions and case models, implement a centralized quality review process, and coordinate with the FinCEN to secure access to SARs.  In addition, we recommended the Director, Taxpayer Education and Communication (TEC), SB/SE Division, coordinate with the FinCEN on education and outreach strategies to avoid duplication of efforts.

Management’s Response:  The Commissioner, SB/SE Division, agreed with our recommendations.  In October 2003, the SB/SE Division began the process of developing performance measures in accordance with the IRS’ Embedded Quality Measures process. These program measures will conform to the Balanced Measures concept.  The BSA compliance program has also added a senior program analyst to analyze and report program results to the Director, Compliance on a monthly basis. Additionally, the SB/SE Division Research function is developing a scoring system, or set of rules, to prioritize the BSA compliance program workload.  The BSA compliance program hired two technical advisors to assist the field offices with case quality.  Common examination issues will be periodically published on the AML website. Management is also participating in a study to measure the effectiveness of recently conducted training.

The Commissioner, SB/SE Division, recognized the importance of securing access to SARs for BSA examiners and revenue agents in the regular examination program and has initiated a Memorandum of Understanding with the Director of the FinCEN to permit BSA examiner access.  IRS senior executives will continue to pursue access to SARs for revenue agents in the regular Examination function.  The Director, TEC, SB/SE Division, has partnered with key FinCEN personnel and will continue partnering through periodic meetings to discuss priorities and overall coordination of outreach efforts.  The FinCEN also received a copy of the TEC national AML strategy for Fiscal Year 2004 for review and comment.  This helps ensure the SB/SE Division’s overall AML strategy parallels the FinCEN’s priorities and prevents duplicative efforts. Management’s complete response to the draft report is included as Appendix VI.

Copies of this report are also being sent to the IRS managers affected by the report recommendations.  Please contact me at (202) 622-6510 if you have questions or Richard Dagliolo, Acting Assistant Inspector General for Audit (Small Business and Corporate Programs), at (631) 654-6028.

 

Table of Contents

Background

Measurable Performance Indicators and Better Use of Management Information System Data Are Needed

Recommendations 1 and 2:

Risk-Based Case Selection, Improved Documentation, and Access to Additional Tools Are Needed

Recommendations 3 and 4:

Recommendation 5:

Better Coordination With the Financial Crimes Enforcement Network Is Needed

Recommendation 6:

Few Referrals Were Made to the Financial Crimes Enforcement Network for Civil Penalty Consideration

Appendix I – Detailed Objective, Scope, and Methodology

Appendix II – Major Contributors to This Report

Appendix III – Report Distribution List

Appendix IV – Bank Secrecy Act Violations and Penalties

Appendix V – History of the Bank Secrecy Act

Appendix VI – Management’s Response to the Draft Report

 

Background

The Bank Secrecy Act (BSA) was designed to assist in the detection and prevention of criminal activity by creating paper trails from financial institutions back to criminal organizations.  It authorizes the Department of the Treasury to require banks and other financial institutions to retain designated financial transaction records that the Secretary deems useful in criminal, tax, and regulatory investigations.  The two components of the Department of the Treasury with significant responsibilities for the administration of the BSA are the Internal Revenue Service (IRS) and the Financial Crimes Enforcement Network (FinCEN).  The Department of the Treasury relies on the expertise and resources of each bureau to perform the many functions necessary to carry out the purposes of the BSA.  See Appendix V for a brief history and purpose of the BSA.

The authority to examine Nonbank Financial Institutions (NBFI) has been delegated to the IRS pursuant to 31 C.F.R. § 103.56(b)(8) and under Treasury Directive 15-41 (December 1, 1992).  The IRS is responsible for examining NBFIs for compliance with the BSA’s reporting, record keeping, and compliance program requirements. NBFIs include the following financial institutions:

·        Over 160,000 Money Services Businesses (MSB), comprised of such diverse financial service providers as check cashers; currency exchangers or dealers; issuers, sellers, and redeemers of traveler’s checks, money orders, and stored value; and money transmitters.

·        Approximately 600 casinos or other gaming organizations located in some 30 states and territories and on tribal lands.

The IRS BSA compliance program has two essential functions:  (i) identification of those financial institutions subject to the BSA requirements (and thus compliance checks) because they fall within the definitions contained in 31 C.F.R. Part 103 and (ii) performance of an examination, review, or other type of audit activity to assess compliance with the BSA.  An examination also provides the opportunity to give useful feedback to the financial institution and to assure corrective action has been taken with respect to any compliance program deficiencies or any violations of the BSA (e.g., with respect to reports not being filed timely or records not being maintained). Examinations for BSA compliance may result in referrals to the Criminal Investigation (CI) function for tax evasion or money laundering investigations when appropriate.  The results of BSA compliance efforts by field resources are reported quarterly to the Director, Reporting Enforcement, Compliance, Small Business/Self-Employed (SB/SE) Division.

Prior to September 11, 2001, the BSA was already one of the main Federal laws requiring monitoring of financial information.  In response to the events of September 11, 2001, the Congress passed and the President signed into law the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001.  This new law made changes to the BSA, effectively including financial institutions in the war on terrorism.  The USA PATRIOT Act expands the Federal Government’s role and gives more monitoring responsibilities to individual financial institutions.  The IRS, as part of its modernization program, has given responsibility for its BSA compliance efforts to the SB/SE Division’s Anti-money Laundering (AML) Program.

We performed this audit during the period February through September 2003 in the SB/SE Division’s New Carrollton, Maryland, Headquarters Office and its Los Angeles and San Jose, California; New York, New York; and Philadelphia, Pennsylvania, field offices.  The audit was performed in accordance with Government Auditing Standards. Detailed information on our audit objective, scope, and methodology is presented in Appendix I.  Major contributors to the report are listed in Appendix II.

Measurable Performance Indicators and Better Use of Management Information System Data Are Needed

In a prior audit report, we described how the IRS needed to improve its program for ensuring compliance with BSA reporting requirements and improve controls over the program to reasonably ensure the achievement of program objectives.  The report concluded that without changes there is a significant risk of undetected noncompliance and increasingly inconsistent program delivery.  We recommended the IRS:

·        Strengthen the oversight of the BSA compliance program.

·        Develop and deliver an educational/information package to a larger number of businesses covered by the IRS BSA compliance program.

·        Improve field manager accountability for program objectives.

·        Establish measurable performance indicators.

·        Improve tracking of results.

·        Increase the number of IRS employees in the program.

·        Ensure BSA examiners receive sufficient training.

During this review, we evaluated the effectiveness of the IRS’ corrective actions to our recommendations.  We determined the IRS has made some changes to its BSA compliance program in response to our December 2000 audit report, but risks continue to confront the program. To strengthen oversight of the BSA compliance program, the IRS established a national Program Manager position.  To educate businesses that might be covered by the IRS BSA compliance program, the FinCEN, through a contractor, developed and distributed an education/information package to approximately 10,000 potential MSBs.

To improve field manager accountability, the BSA established dedicated groups; examiners in these groups will work only AML cases and managers will be accountable for program results.  Prior to the establishment of dedicated groups, most BSA compliance reviews were collateral assignments.

To improve examiners’ skills, the BSA compliance program revised its training program and has trained most of the participants since 2002.  Prior to 2002, the program had not provided training for a number of years.  BSA training was provided to approximately 200 examiners in 2002.  Training consisted of basic compliance check classes, specialized classes for casino compliance checks, and classes for managers. Dedicated BSA compliance groups should enhance managerial and examiner skills by working these cases daily.

To increase the number of employees in the BSA compliance program, the IRS entered into an interagency agreement with the FinCEN.  Hiring of 70 additional examiners and staff began in September 2002.

While these changes have enhanced the BSA compliance program, our follow-up review determined the IRS did not effectively implement corrective actions to two recommendations in our December 2000 audit report.

The BSA compliance program needs to establish meaningful performance measures and goals

Our December 2000 audit report recommended the BSA program establish measurable performance indicators. To date, though, the BSA compliance program has only one measurable goal:  delivery of Direct Examination Staff Years (DESY).  To accomplish this goal, the IRS need only assign sufficient personnel to the program to meet the allocated DESYs.  There are no other measures for evaluating the program’s performance.

According to the Government Performance and Results Act of 1993 (GPRA), management must establish performance goals to define the level of performance to be achieved by a program activity, and these goals should be stated in an objective, quantifiable, and measurable form.  Since DESYs are quantifiable and measurable, they meet this requirement.  However, the GPRA also states that performance indicators should be used in measuring or assessing the relevant outputs, service levels, and outcomes of each program activity.  The measure of DESYs applied to the BSA compliance program does not assess the relevant outputs or outcomes of the program.

In our December 2000 audit report, we recommended the program establish measurable performance-based indicators for BSA activities in accordance with GPRA guidance. Management responded that there is a misconception about not having performance indicators.  According to management’s response,

Management has program expectations and deliverables; however, the sensitivity over the misuse of statistics may have contributed to this perception of a lack of indicators. The mission of our AML program is identification, notification, and enforcement.  To accomplish this mission, the Fiscal Year (FY) 2001 plan includes 173 full time employees devoted to the AML program nationwide.

We continue to believe the IRS should establish performance measures that gauge the program’s activities and productivity. For instance, goals should measure more than the delivery of DESYs or the number of cases closed.  Rather, goals should measure case results and their cumulative effect on compliance.  Once appropriate measures are chosen, they should act as a common focus for management to target problem areas, highlight successes, and generally increase the rate of performance improvement through enhanced learning.

While measures have value as stand-alone indicators, they are typically used together to present a more complete picture of key mission delivery processes. Without performance measures, managers often have great difficulty getting results from information systems because they cannot define their needs precisely.  These types of measures would assist management in determining whether resources are efficiently applied, methods for case selection are effective, and the program’s efforts are positively affecting compliance.

Management Information System (MIS) data needs to be used more effectively

Analysis of MIS data could help determine the effectiveness of the BSA compliance program.  However, the MIS contained inaccurate data.  The main function of the stand-alone MIS in FY 2002 was to count cases and contacts.  That MIS did not capture time spent on cases.  A new MIS was implemented at the end of FY 2003.  AML coordinators were still testing this new MIS at the end of our audit fieldwork in September 2003.  The new MIS is designed to capture more information than the previous MIS.

According to the General Accounting Office (GAO) Executive Guide for Improving Performance Through Strategic Information Management and Technology (GAO/AIMD-94-115, dated May 1994), agencies need to provide MIS capabilities that support operational performance reporting.  Standard measurement practices focus on benefits, costs, and risks. In most cases, this includes program outcomes, resource consumption, and elapsed time (i.e., cycle time) of specific work processes, activities, or transactions.  Because of inadequacies in the previous BSA compliance program MIS, managers could not determine the performance of the program.

In FY 2002, the MIS data consisted of each Area Office furnishing a report to the SB/SE Division Headquarters Office showing the number of cases closed and violations identified.  These reports were then rolled up into a national report showing nationwide results.  We did not identify analysis that compared differences in Area Office effectiveness.

To evaluate the program’s effectiveness, we analyzed the number of cases closed and the number of cases with violations. We also selected a judgmental sample of cases from three Area Offices and identified the time spent on these cases. Figure 1 shows the results of our review.

Figure 1:  BSA Case Closures and Time Spent on Cases Sampled by the Treasury Inspector General for Tax Administration (TIGTA)

Description

Area Office A

Area Office B

Area Office C

Total BSA Cases Closed in FY 2002

48

77

412

Cases With Violations

24

8

45

Percentage of Cases With Violations

50%

10%

11%

Cases Reviewed by the TIGTA

24

27

25

Cases With Time Documented on the Examiner’s Activity Record

23

2

25

Total Hours Spent

1,392

141

2,181

Average Hours Per Case Reviewed

61

71

87

Cases With Violations From the TIGTA’s Sample

14

0

1

Source:  BSA compliance program reports and TIGTA analysis of 76 BSA compliance cases.

 Note:  Area Office B did not have a full-time AML group.  Area Office A had 14 full-time examiners, and Area Office C had 12 full-time examiners.

This analysis is an example of information that would be useful to management in determining the results of resources applied to the BSA compliance program.  Analysis of information on cases closed and cases with violations would assist management in measuring productivity.  While these indicators need not be used to measure individual examiner performance, they are useful in determining best practices and identifying areas for improving the program. 

For example, our analysis determined Area Office A identified violations in 50 percent of the cases it closed, while Area Offices B and C identified violations in only 10 and 11 percent of their cases, respectively.  This type of analysis might lead management to try to determine why more violations are not being identified in Area Offices B and C.

Additionally, Area Office C accounted for 76 percent of cases closed in FY 2002 for all 3 Area Offices combined, which might lead management to determine why more cases are not being worked in Area Offices A and B.

The prior MIS did not capture time charged on cases.  Each examiner should document the amount of time spent on a case in the case file, but time is not charged to individual cases on time reports.  For the cases in our sample, we determined the average hours spent on cases in Area Office C from our sample cases were 26 and 16 hours more than for Area Offices A and B, respectively.

Also, statistics relating to the number of referrals to the FinCEN for civil penalty consideration and referrals to the CI function were incorrect.  AML coordinators submitted quarterly results to the IRS Headquarters, where results were compiled into a nationwide summary.  According to the FY 2002 activity report, the BSA compliance program referred seven cases to the CI function and seven cases to the FinCEN. In our efforts to identify these cases, we found that both numbers were incorrect.

Management told us that coordinators made errors in the quarterly reporting and reduced referrals to the CI function to three and referrals to the FinCEN to two.  We did not verify receipt of these two cases by the FinCEN but accepted the IRS’ claim of two referrals because it provided additional supporting information.  An improved MIS could help eliminate future discrepancies.

Performance data should be useful, accurate, and timely for managing the program.  MIS data should be as useful as possible.  Without adequate MIS information, the IRS cannot effectively manage and monitor this program.

Recommendations

The Director, Reporting Enforcement, Compliance, SB/SE Division, should:

1.      Establish measurable performance-based indicators for the BSA program.

Management’s Response:  In October 2003, the SB/SE Division began the process of developing measures in accordance with the IRS Embedded Quality Measures process. A team met to develop AML Program measures that conform to the Balanced Measures concept.

2.      Ensure the new MIS provides accurate and useful information and analytical reports for better managing the BSA compliance program.

Management’s Response:  A senior program analyst was added to the BSA compliance program staff and conducted analyses for FY 2003 and the first quarter of FY 2004. These analyses were provided to the Director, Compliance, SB/SE Division, and additional analyses will be provided on a monthly basis.

Risk-Based Case Selection, Improved Documentation, and Access to Additional Tools Are Needed

Although the IRS recently made several changes to the BSA compliance program, there continues to be significant risk of undetected noncompliance and inconsistent program delivery.  Based on our review of a judgmentally selected sample of 76 cases from 3 Area Offices, standard case selection criteria are not used, cases are not properly documented, and potential noncompliance information is not available.

No standard criteria exist for selecting BSA compliance cases

We did not identify any standard criteria for case selection or follow-up compliance visits.  AML coordinators use their own criteria to select cases from an inventory of NBFIs maintained on a database at the IRS Detroit Computing Center.  None of the locations we visited used a standard case selection process.

Per the IRS Strategic Plan 2000-2005, the IRS has limited resources.  Therefore it is essential that it apply them where they will be of the most value in reducing noncompliance while ensuring fairness, observing taxpayer rights, and reducing the need to burden those who do comply. A risk-based, data-driven process to select the potentially most noncompliant MSBs for compliance checks could be a more effective selection method than the current processes.

Management has not established case selection criteria.  Developing a risk-based case selection process will assist in maximizing the IRS’ use of resources.  Since resources for this program are limited, the resources need to be applied to areas with the most potential for noncompliance.  For instance, follow-up visits could be mandatory for cases in which violations are identified.  One coordinator stated there is no time for follow-up visits. 

Since there are no criteria for case selection, it is possible that the cases with the most potential are not being selected.  A risk-based selection process would help ensure cases with the most potential are included in the compliance program.

Cases do not contain the documentation necessary to assess civil penalties

Review of our judgmental sample of closed cases from three Area Offices determined that documentation frequently did not meet IRS guidelines.  In one Area Office, cases were well documented.  However, cases in the other two Area Offices did not contain documentation to show the work performed to arrive at the compliance review determination.  In some BSA compliance checks, the IRS determines the compliance deficiencies warrant the assessment of civil penalties.  These cases are referred to the FinCEN for penalty consideration. The FinCEN has the authority to assess civil penalties for BSA violations by MSBs.  Appendix IV presents BSA violations and the associated penalties the FinCEN may assess.  In addition, the CI function can initiate investigations when criminal activity is involved. 

IRS guidelines clearly outline case documentation requirements.  Figure 2 provides the results of our review of documentation for the 76 cases.

Figure 2:  Missing Case Documentation in BSA Cases

Documentation Required by the Internal Revenue Manual (IRM)

Present

Missing

CI Function Clearance

17

59 (78%)

Appointment Letter Used to Contact the NBFI

43

33 (43%)

Information Document Request (Form 4564)

38

38 (50%)

Case Activity Record Used to Record Case History

70

6 (8%)

Examination Information Report (Form 5346)

15

61 (80%)

Continuation of Examination Workpapers (Form 4318 A)

29

47 (62%)

Memoranda of Interviews

6

70 (92%)

Supporting Workpapers

51

25 (33%)

Source:  TIGTA analysis of 76 BSA compliance cases.

In the Area Office in which cases were well documented, there were more instances of violations identified.  Specifically:

·        Area Office A cases were well documented and examiners identified violations in 14 of 24 cases.

The BSA compliance program also does not have a centralized quality review function to assess case development and identify national issues and trends.  One result of poor case documentation is that most cases referred to the FinCEN for civil penalty consideration are not assessed penalties. Of the 3,373 cases examined in FY 2002, only 2 were referred to the FinCEN for civil penalty consideration, and no penalties were assessed.  In discussions with FinCEN representatives, we were advised that poor case documentation is a major reason why civil penalties are not being assessed.

Examiners do not have access to Suspicious Activity Reports (SAR)

BSA examiners and revenue agents (RA) in IRS Examination groups do not have access to all of the tools that, in our opinion, should be available for their use during BSA and income tax examinations.  Specifically, BSA examiners and other RAs do not have access to SARs.  Certain MSBs are required to report suspicious activity; they are to file SARs when transactions that are conducted by, at, or through the MSBs are both suspicious and $2,000 or more.

At the IRS, only CI function employees have access to SARs.  The SARs are the property of the FinCEN, but they are accessible to law enforcement functions in certain agencies.  For BSA examiners, case development may be incomplete without SAR information.  For RAs, SARs may provide leads for additional areas and issues to review during income tax examinations.  According to FinCEN personnel, there are legal issues that must be addressed before granting additional IRS employees access to SARs.  FinCEN representatives, however, were agreeable to granting this access for BSA examiners.  Granting this access to RAs would be beneficial to tax administration.

Without access to this additional case-building tool, employees may not be able to adequately develop and document cases, and the FinCEN may be unable to assess civil penalties when warranted.  Access to SARs would allow BSA examiners and RAs to better plan and conduct compliance checks and income tax examinations.

Recommendations

The Director, Compliance Enforcement, SB/SE Division, should:

3.      Develop standard risk-based case selection criteria that would provide minimum requirements and parameters for case selection.

Management’s Response:  The SB/SE Division Research function is developing a scoring system, or set of rules, to prioritize workload by using Currency Banking Retrieval System data.  Until the scoring system is implemented, AML coordinators will receive additional oversight to ensure BSA compliance checks are initiated on a risk basis.

4.      Reinforce the importance of case documentation with specific instructions or case models and implement a centralized quality review process.

Management’s Response:  Two technical advisors were hired to assist with case quality.  Since reporting in July 2003, these new advisors have reviewed cases in process to provide feedback and assisted in Area Office operational reviews.  A periodic publication will also be added to the AML web site to address common examination issues.  A centralized quality review process is part of the embedded quality measures process initiated in October 2003.

5.      Coordinate with the FinCEN to secure BSA examiner and RA access to SARs.

Management’s Response:  The Commissioner, SB/SE Division, has initiated a Memorandum of Understanding with the Director of the FinCEN to permit BSA examiners access to SARs for the purpose of MSB compliance checks.  IRS senior executives will continue to pursue access to SARs for RAs in the regular examination program.

Better Coordination With the Financial Crimes Enforcement Network Is Needed

In Calendar Year 2002, through a contractor, the FinCEN conducted a major outreach and education initiative to approximately 10,000 businesses.  The FinCEN’s contractor was to identify and contact potential MSBs via mail.  These businesses were not registered as MSBs but may have conducted business requiring registration. In FY 2002, the IRS was also conducting visits to approximately 2,200 businesses in an attempt to identify MSBs and educate these businesses about the BSA requirements.  IRS officials did not receive a list of the approximately 10,000 businesses included in the FinCEN’s education and outreach effort until October 2002.

Since the IRS did not know which businesses the FinCEN contacted, the IRS may have duplicated the FinCEN’s educational and outreach efforts.  Without improved coordination between the FinCEN and the IRS, there is continued potential for duplication.  If coordination between the IRS and the FinCEN had been more effective, IRS resources spent on education visits could have been put to better use.

In FY 2003 the IRS transferred education and communication responsibilities from the BSA compliance program to its Taxpayer Education and Communication (TEC) function.  The TEC function hired six AML Specialists for these purposes.  Although registration of MSBs required to report and maintain records under the BSA is now a shared responsibility between the BSA compliance program and the TEC function, BSA examiners are no longer performing one-on-one education visits. AML coordinators, however, continue to research various sources, such as the Internet and telephone directories, to identify potential MSBs requiring registration.  Additionally, during BSA compliance checks, examiners ask MSB personnel about competitors and then determine if they are appropriately registered.

According to the FY 2002 President’s Management Agenda (PMA), Federal agencies must find disciplined and focused approaches to address waste.  This is a long-standing and substantial challenge.  Federal agencies must take the steps necessary to become high-performing organizations.  An expected result of the PMA is that organizations burdened with overlapping functions work more harmoniously. It is important that the IRS and the FinCEN coordinate to avoid duplication of efforts.

Recommendation

6.      The Director, TEC, SB/SE Division, should coordinate with the FinCEN on all education and outreach efforts.

Management’s Response:  The Director, TEC, developed a comprehensive national AML strategy for FY 2004 and shared this strategy with the FinCEN.  This plan will help ensure the key components of the SB/SE Division’s overall AML strategy parallel the FinCEN’s priorities and prevent duplicative efforts.  In addition, the TEC function AML monthly contact report captures information about outreach events and is shared with the FinCEN to keep the FinCEN apprised of the TEC function’s efforts.

Few Referrals Were Made to the Financial Crimes Enforcement Network for Civil Penalty Consideration

For some BSA compliance checks, the IRS determines that the compliance deficiencies warrant the assessment of civil penalties.  These cases are referred to the FinCEN for penalty consideration.  The FinCEN has the authority to assess civil penalties for BSA violations by MSBs.  In FY 2002, examiners in the BSA compliance program conducted approximately 3,400 compliance checks.  Of these, only three were referred to the CI function for potential criminal investigation, and two were referred to the FinCEN for civil penalty consideration.

In our opinion, a total of only two referrals to the FinCEN appears low considering the number of compliance checks performed.  With such a low referral rate, it is reasonable to assume there is some undetected noncompliance.  According to IRS personnel, BSA examiners are reluctant to submit cases to the FinCEN for civil penalty consideration because they believe the FinCEN rarely assesses them on MSBs.

From our discussions with AML coordinators and IRS managers, we concluded there is a perception among examiners that there is no need to refer cases to the FinCEN because the FinCEN does not assess penalties.  If this perception is pervasive among examiners, civil penalties will not be assessed on legitimate cases warranting them.  On the other hand, FinCEN officials told us that, because of poor case documentation and inadequate evidence, the referred cases do not provide the information necessary for assessing civil penalties.

In our opinion, examiners should develop cases to their full potential and make the necessary referrals without regard to their perception of the FinCEN.  The FinCEN has the authority to assess these penalties, and the IRS has the responsibility to provide the necessary information for penalty consideration.  Declining to refer cases to the FinCEN because it does not assess penalties results in inadequate enforcement of BSA regulations and allows abusive MSBs to remain noncompliant.

We believe if the IRS effectively implements the recommendations in the preceding sections of this report, the number of cases referred to the FinCEN for civil penalty consideration should increase.

 

Appendix I

 

Detailed Objective, Scope, and Methodology

 

The overall objective of our audit was to determine whether the Internal Revenue Service (IRS) effectively administers a program that ensures compliance with Bank Secrecy Act (BSA) reporting requirements.  To accomplish this objective, we:

I.                           Determined whether the IRS effectively implemented corrective actions to our prior reported audit findings by:

A.                      Determining whether the Small Business/Self-Employed (SB/SE) Division effectively established program and oversight responsibility in the business division.

B.                      Determining whether the SB/SE Division established appropriate performance-based indicators in accordance with the Government Performance and Results Act of 1993 (GPRA).

C.                      Determining whether the SB/SE Division significantly expanded the information available to BSA-covered businesses by developing and delivering education/information packages to all identified or potential BSA reporting entities.

D.                      Determining whether the selection process for BSA managers and examiners provides the appropriate resources to the program.

E.                       Determining whether the BSA compliance program Management Information Systems provide meaningful and useful information for effectively managing the program.

II.                         Determined whether the IRS efficiently and effectively planned for and implemented BSA compliance program changes to address new reporting requirements contained in the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001.

A.                      Determined the new BSA reporting requirements in the USA PATRIOT Act.

B.                      Determined the extent and quality of coordination between the IRS and the Financial Crimes Enforcement Network (the IRS’ key partner) in planning and executing the IRS BSA compliance program.

III.                      Determined whether the BSA compliance program effectively identifies the population of Nonbank Financial Institutions (NBFI), conducts compliance visits in accordance with established procedures, and refers noncompliant NBFIs for appropriate sanctions.

A.                      Interviewed management to discuss and review the process for identifying covered businesses.

B.                      Determined whether new procedures were developed to better identify potential terrorist-related activity connected with noncompliance by NBFIs.

C.                      Obtained and reviewed procedures and guidelines for performing compliance checks.

D.                      Assessed the quality of compliance checks by selecting a judgmental sample of 76 cases from 3 Area Offices and reviewing case files.

E.                       Analyzed compliance visit results to determine the impact of the compliance program.

F.                       Determined follow-up visit requirements, if any.

G.                      Determined whether additional data-driven criteria could be applied to better focus BSA compliance efforts.

 

Appendix II

 

Major Contributors to This Report

 

Richard Dagliolo, Acting Assistant Inspector General for Audit (Small Business and Corporate Programs)

Parker F. Pearson, Director

Philip Shropshire, Director

Preston Benoit, Audit Manager

Cynthia Dozier, Senior Auditor

James S. Mills, Jr., Senior Auditor

Erlinda Foye, Management Analyst

 

Appendix III

 

Report Distribution List

 

Commissioner  C

Office of the Commissioner – Attn:  Chief of Staff  C

Deputy Commissioner for Services and Enforcement  SE

Acting Deputy Commissioner, Small Business/Self-Employed Division  SE:S

Acting Director, Compliance, Small Business/Self-Employed Division  SE:S:C

Director, Taxpayer Education and Communication, Small Business/Self-Employed Division  SE:S:T

Chief Counsel  CC

National Taxpayer Advocate  TA

Director, Office of Legislative Affairs  CL:LA

Director, Office of Program Evaluation and Risk Analysis RAS:O

Office of Management Controls  OS:CFO:AR:M

Audit Liaisons:

Commissioner, Small Business/Self-Employed Division  SE:S

Deputy Director, Compliance Policy, Small Business/Self-Employed Division SE:S:C:CP

 

Appendix IV

 

Bank Secrecy Act Violations and Penalties

 

Violation

Persons Subject to Penalty

Penalty

Authority

Failure to comply with any record keeping requirement for a financial institution except
31 C.F.R.
§ 103.32.

 

§         Any domestic financial institution.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

Not to exceed $1,000.

 

31 U.S.C. § 5321(a)(1); 12 U.S.C.
§ 1829b(j);
31 C.F.R.
§ 103.57(c)

Failure to comply with requirements to report transportation of monetary instrument (CMIR) found in
31 U.S.C.
§ 5316;
31 C.F.R.
§ 103.23.

 

§         Any domestic financial institution.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

Up to the amount of the currency or monetary instruments transported, mailed, or shipped less any amount forfeited under the authority of 31 C.F.R.
§ 103.58.

 

31 U.S.C. § 5321(a)(2); 31 C.F.R.
§ 103.57(d)

 

Failure to comply with any reporting requirement for financial institutions, including report retention requirements. Exceptions:

 

§         Failure to report a foreign account 31 U.S.C. § 5314;
31 C.F.R.
§ 103.24.

§         Failure to report a transaction with a foreign financial agency 31 U.S.C. § 5315;
31 C.F.R.
§ 103.25.

 

§         Any domestic financial institution.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

Not to exceed the greater of: the amount involved in the transaction (not to exceed $100,000) or $25,000.

 

31 U.S.C. § 5321(a)(1); 31 C.F.R.
§ 103.57(f)

 

Any violation of 31 U.S.C.
§ 5324, 31 C.F.R. § 103.63 - that is for the purpose of evading Currency Transaction Report reporting requirements or special reports that may be required under 31 U.S.C. § 5325(b) relating to the sale of monetary instruments, or reports or records required under a geographical targeting order, or record keeping requirements imposed by any regulation prescribed under section 21 of the Federal Deposit Insurance Act or section 123 of Public Law 91-508, that is basically all Bank Secrecy Act record keeping requirements.  The prohibited actions include causing or attempting to cause a domestic financial institution to fail to file a report or maintain a record or to file or maintain a report or record containing a material omission or misstatement of fact or structuring.

 

Any person.

§         Not to exceed the amount of coins and currency involved in the transaction with respect to which such penalty is imposed.

§         The amount of any civil penalty assessed shall be reduced by the amount of any forfeiture in connection with the transaction for which the penalty was imposed.

 

31 U.S.C. § 5321(a)(4); 31 C.F.R.
§ 103.57(e)

 

Failure to report a foreign account under 31 C.F.R. § 103.24 or maintain related records under
31 C.F.R.
§ 103.32.

 

Any person.

 

Not to exceed the greater of: an amount equal to the balance of the account at the time of the violation (not to exceed $100,000) or $25,000.

 

31 U.S.C. § 5321(a)(5); 31 C.F.R.
§ 103.57(g)

 

Failure to report a transaction with a foreign financial agency required by 31 C.F.R. § 103.25.

 

Any person.

 

Not to exceed the greater of:  the amount (not to exceed $100,000) of the transaction or $25,000.

 

31 U.S.C. § 5321(a)(5); 31 C.F.R.
§ 103.57(g)

 

Failure to comply with any requirement of 31 U.S.C. § 5330 or 31 C.F.R. § 103.41, that is registration of money services businesses.  This includes failure to retain a copy of the registration.

 

Any person who is required to comply.  This includes any person who owns up to 5 percent of corporate stock, a partner, or other owner of a money services business.

 

Up to $5,000 per day per violation.

31 U.S.C.
§ 5330 (e); 31 C.F.R.
§ 103.41(e)

 

Failure to comply with a geographic targeting order issued under 31 U.S.C. § 5326;
31 C.F.R.
§ 103.26.

 

§         Any domestic financial institution.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

The penalties are the same as those for record keeping and reporting violations in general.

 

31 U.S.C.
§ 5321(a);
31 C.F.R.
§ 103.57

 

Failure to comply with any special measures order issued under
31 U.S.C.
§ 5318A.

 

§         Any domestic financial institution.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

An amount equal to not

less than 2 times the amount of the transaction but not more than $1,000,000.

 

31 U.S.C. § 5321(a)(7); 31 C.F.R.
§ 103.57

 

Failure to comply with the information sharing rules required by Sec. 314 of the USA PATRIOT Act and found at
31 C.F.R.
§ 103 Subpart H.

 

§         Any financial institution defined in 31 C.F.R. § 103.110.

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

$25,000 per day.

31 U.S.C. § 5321(a)(1); 31 C.F.R.
§ 103.57

 

Failure to establish a compliance program under 31 U.S.C.
§ 5318(h) and various regulations appearing at 31 C.F.R. Subpart I.

 

§         Any financial institution defined in 31 U.S.C. § 5312(a).

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

$25,000 per day.

31 U.S.C. § 5321(a)(1); 31 C.F.R.
§ 103.57

 

Failure to comply with due diligence requirements for banks, brokers, and some other financial institutions set forth at 31 U.S.C. § 5318(i) and at 31 C.F.R.
§§ 103.181-.183.

 

§         Any financial institution included in 31 U.S.C. § 5318(i).

§         Any partner, director, officer, or employee who willfully participates in the violation.

 

An amount equal to not less than 2 times the amount of the transaction but not more than $1,000,000.

31 U.S.C. § 5321(a)(7); 31 C.F.R.
§ 103.57

 

Appendix V

 

History of the Bank Secrecy Act

 

In October 1970, in response to evidence from the United States (U.S.) law enforcement community that bank secrecy was impeding the investigation of organized crime and other criminal activities, the Congress enacted legislation commonly referred to as the Bank Secrecy Act (BSA).  The BSA is designed to assist in the detection and prevention of criminal activity by creating a paper trail from financial institutions back to the criminal organization.  It authorizes the Department of the Treasury to require banks and other financial institutions to retain designated financial transaction records that the Secretary deems useful in criminal, tax, and regulatory investigations.  The BSA also authorizes the Secretary to require financial institutions and, in some cases, other businesses and private citizens, to file reports on a wide variety of financial transactions that establish and preserve a financial trail for investigators to follow as they track criminals, their activities, and their assets.

Since 1970, the BSA has been amended a number of times to give the Department of the Treasury a wider variety of regulatory tools to combat money laundering.  In 1986, money laundering was made a crime in its own right in recognition of the growth and seriousness of the problem.  In 1992, the Secretary was authorized to promulgate regulations requiring financial institutions to establish anti-money laundering programs. Currently, many types of financial institutions are subject to regulations promulgated under the BSA, including:

·        Approximately 24,000 depository institutions, including state and Federally chartered commercial banks, savings banks and other thrifts, and credit unions.

·        An estimated 160,000 Money Services Businesses, comprised of such diverse financial providers as check cashers; currency dealers or exchangers; issuers, sellers, and redeemers of traveler’s checks, money orders, and stored value; and money transmitters.

·        Some 40,000 U.S. Post Office sites.

·        Approximately 600 casinos or other gaming organizations located in some 30 states and territories and on tribal lands.

·        Approximately 5,000 securities firms.

·        An undetermined number of other entities, such as insurance companies, that may become subject to the BSA regulations under BSA § 5312 or as a result of the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001. 

The BSA authorizes the Secretary of the Treasury, inter alia, to issue regulations requiring financial institutions and other persons to keep records; file reports that are determined to have a high degree of usefulness in criminal, tax, regulatory, intelligence, and counter-terrorism matters; and implement counter-money laundering programs and compliance procedures. The two components of the Department of the Treasury with significant responsibilities for the administration of the BSA – which is part of the substantial role they both play in the fight against many forms of financial crime – are the Internal Revenue Service (IRS) and the Financial Crimes Enforcement Network.  The Department of the Treasury relies on the expertise and resources of each bureau to perform the many functions necessary to carry out the purposes of the BSA.

The financial information reported on BSA forms is used by law enforcement as one of many tools to follow the money trail and build investigations. Over time, the BSA has become an important tool in the fight against money laundering and, with passage of the USA PATRIOT Act, a vital part of the effort to cut off and disrupt the financial infrastructure of international terrorism.  Thus the IRS, with both civil and criminal divisions, is in the unique position of being a consumer of BSA information as well as playing an important role in administering the regulatory infrastructure that produces it.

 

Appendix VI

 

Management’s Response to the Draft Report

 

The response was removed due to its size.  To see the response, please go to the Adobe PDF version of the report on the TIGTA Public Web Page.