AML Intelligence
Business Intelligence on AML and Financial Crime for Executive Leaders

Analysis & Opinion, Featured Article, Financial Services

Why I believe the FinCEN leaks were not worth it and why they will be used by some C-Suites to hinder the efforts of hard-working AML professionals

By Sarah Beth Felix CAMS, M.F.S.
President, Palmera Consulting LLC

Were the FinCEN leaks worth it? From what we have seen so far – the answer in my opinion is No.

While there are always a cost/benefit to disclosures of this nature, the FinCEN Files leaks do not meet the measure in this case.

On the other hand for the Panama Papers leak, I believe it was worth it. Those disclosures brought new light to a systemic hidden problem. It made AML practitioners better at understanding offshore and shell companies, it put the world on notice that we now know how to find hidden money.

For the FinCEN Files though, it appears that the organizations and individuals who calculated the cost and benefit, were missing a few key items (see below). Overall, I have to say however that I have not come across anything that would actually move our collective, global effort closer to the goal of being better at detecting and reporting dirty money.

The opinion pieces written by the various agencies seem to lack a few critical data classification elements. For example, the dollar amounts reported by BuzzFeed and various other sites show that trillions of suspicious or illicit dollars passed through these institutions from 1999-2017. However, when reviewing one of the FinCEN Files data-focused article (referenced below), there does not seem to be an accounting for cumulative or ongoing SAR totals.

In the United States, ongoing or recurring SARs result in a cumulative amount (Field 28) on the SAR form. This would look like an institution who files on ongoing suspicious activity and essentially snowballs the total from the last SAR to the present SAR. SAR #1 could have had a total reported of $1MM, SAR #2 filed 90 days later could have $2MM ($1MM from SAR #1 and $1MM from SAR #2); etc. However, from 1999-2012, this was ONE field on a SAR. In 2012, FinCEN switched to a new SAR form that had two fields – one for the SAR report (“involved in this report”) and one for the cumulative amount (field 28).

Since the FinCEN Files encompasses 1999-2017 data, one should have been able to read up on how the ICIJ and BuzzFeed handled the 13 years of cumulative totals for SARs, then the next 4-5 years of SARs that had SAR totals and SAR cumulative broken out into different fields. Because this is not addressed anywhere and the trillions of dollars appear to be sensationalized, I err on the side of assuming that these agencies used the cumulative rolling dollar amount to get to the trillions of dollars.

Another plausible explanation for such large dollar amounts is due to these institutions having compliance issues and undergoing remediation projects. Those kinds of projects can and should result in a different view of activity previously considered not suspicious, and should produce higher dollar SARs as the range of transactional data is older and usually splinters out to involve other related and previously thought unrelated businesses or individuals.

For remediations, producing large lookback SARs is a new sign of effectiveness as lookbacks usually come as punishment for ineffective SAR programs. Having conducted many lookbacks throughout my career for various clients, if a lookback does not produce a new set of eyes on activity that results in SARs, it usually means that the lookback and any changes stemming from the lookback are not effective.

Also, US institutions receive keep open letters from various law enforcement agencies requesting that the accounts are kept open to facilitate the tracing of parties and funds. This is a critical piece that was not taken into account when the ‘trillions of dollars’ hit the headlines.

Institutions play a key role in assisting law enforcement in nabbing the bigger fish. Just because the news agencies know now that some of these companies were bad, doesn’t mean that we have known that all along.

A similar issue noted here is that for the timeline used by BuzzFeed and ICIJ, it did not appear that they incorporated the pivot point.

Pivot points in our industry are when an organization or individual goes from “okay” to “not okay”. For example, Deutsche Bank filed on a company in 2013-2014, while we know NOW the company was associated with Hezbollah and the Taliban. This phrasing is used to state that banks knew all along of the terrorist association, but that is simply not true across the board.

The US Govt deemed this company a threat in October of 2016. So why is it being presented that the bank knowingly allowed dirty money to flow through, when the bank did not know it was suspected “dirty” until 2+ years after they filed?

AML is so nuanced and highly dependent on contextual data… like dates, subpoenas, etc. Why was there no consideration that Deutsche Bank’s 2013/2014 SAR could have provided valuable information to the Treasury which then led to Oct. 2016 listing of these sanctioned individuals?

I would like to know if BuzzFeed broke US federal law by reaching out to the subjects of the SAR to ask them if their money was dirty. What an odd methodology.

When I train boards of directors we talk about how criminals will never just admit that they are selling drugs out of their van. Are they expecting those firms to say “yes, that SAR was totally legit, we are running dirty money”? So why would a news organization reach out to the subject of a SAR and ask them to confirm a report that they have no clue it even existed? Will someone file on BuzzFeed because they revealed to the subject of a SAR that a SAR was filed?

One of the biggest issues that cannot be quantified or even addressed at a formal level, is how this leak can be used to destroy any respect that the anti-money laundering officers (AMLOs) have fought for over the last 15 years.

As a result, we will have not-previously-engaged C-suite executives poking around in the day-to-day SAR operations of the AML team… and not in a good way. A whole league of essentially arm-chair QBs in the form of attorneys and C-suiters that will pitch in on SAR filings and narratives.

Their angle will be to hedge from future potential blackeyes. Overnight, they will become experts on what reportable suspicious activity should look like and will require the AMLOs to prove – beyond a reasonable doubt – that the customer is guilty prior to filing the SAR.

This is not the function of a SAR. That is the job of law enforcement.

This leak could have been used to make the much-needed case in the US, that more law enforcement resources are needed. Instead the focus will be on institutions and how they are facilitating the flow of dirty money. The largest banks have the largest share of dirty money – it is the nature of the beast and not a surprise to most AML practitioners.


Sarah Beth has an unrivalled ability to quickly assess many of the ways in which a criminal could exploit a payment platform, bank or loan product, insurance policy, and investment vehicle. In the AML)world being able to put yourself in the shoes of an individual who is attempting to exploit the financial system and in turn create processes to identify the illicit fund flows, is a necessary skill.

Sarah Beth has 18 years of anti-financial crime management experience with most of those years spent in auditing, consulting, and software validation roles, as she designs and implements technological changes to maximize efficiency throughout an institution’s compliance regime.

In 2011 she founded Palmera Consulting and works with various types of institutions focusing on efficiency and effectiveness within their AML and Sanctions programs. Strong relationships and trusted referrals are the backbone of the last 9 years of her company’s success.

Sarah Beth holds a Bachelor of Arts in Business and a Master of Science in Forensics (M.F.S). SHe is a member of the ACAMS Task Force for two advanced certifications – the Certified Global Sanctions Specialist (CAMS-CGSS) as well as the Certified Risk Management Specialist (CAMS-RM). She is a proud member of the U.S. Military’s Special Operations Command (SOCOM) Working Group for Public-Private Partnership. Sarah Beth is a highly sought-after speaker on the topics of AML, Sanctions, Risk Assessments, Correspondent Banking and Threat Finance typologies with engagements stretching the globe.