New US Banks 'Suspicious'
Customer Reporting Rules
Drawing Big Anger
By Declan McCullagh
WASHINGTON (Reuters) -- U.S. banks must monitor their customers and alert federal officials to "suspicious" behavior under a government plan that has drawn fire as an Orwellian intrusion into Americans' privacy.
A set of proposed regulations released last Monday requires banks to review every customer's "normal and expected transactions" and tip off the IRS and federal law enforcement agencies if the behavior is unusual.
"It turns us into surveillance agents for the government," said John Ehrensperger, compliance director for Atlanta-based Sun Trust Bank. Ehrensperger stressed that he was not speaking on behalf of his employer.
Adopting so-called "Know Your Customer" programs will stifle drug-related money laundering, the Federal Reserve Board has claimed for years. "The proposed regulations will reduce the likelihood that banks will become unwitting participants in illicit activities," the proposed rules say.
Government officials argue the rules are not overly intrusive, and that privacy critics are overreacting.
"It's overly alarmist," said Bob Moore, a spokesman for the Federal Reserve Board. "We're not going to invade anyone's privacy."
Unless regulators change their minds, banks will be required to comply no later than 1 April 2000. The Federal Reserve, the Office of Thrift Supervision, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation have published identical requirements. As written, the rules will not apply to credit unions.
When a bank detects any "suspicious activity," current regulations require that the company complete a five-page report that includes the customer's name, address, Social Security number, driver's license or passport number, date of birth, and information about the transaction.
The banks are required to telephone law enforcement "in situations involving violations requiring immediate attention."
The bank sends the information to a computing center in Detroit, where it becomes part of the Suspicious Activity Reporting System, a mammoth searchable database jointly administered by the IRS and FinCEN that went online in April 1996. Over a dozen agencies-including the FBI, IRS, Secret Service, bank regulators, and state law enforcement-share access to the data.
The proposed rules require banks to determine the "source of a customer's funds"-such as payroll deposits-and authorize federal agents to inspect "all information and documentation" of accounts upon request.
An alliance of conservative, libertarian, and privacy groups is mobilizing to fight the Know Your Customer plan.
"The idea that the average American is going to have to justify to a federal agency where they got their money and how they used it-and proving it to those agents-is just beyond the comprehension of most Americans," said Lisa Dean, vice president of the Free Congress Foundation.
"It's not done in a free society."
Dean is preparing a report to be published by the end of December, but in the meantime she's encouraging groups to submit their own comments to the government by the 8 March 1999 deadline.
The American Civil Liberties Union believes the proposed rules are "a major concern" and an unwelcome extension of the drug war, said legislative counsel Rachel King. The ACLU plans to fight the proposal, as will the Electronic Privacy Information Center, director Marc Rotenberg said.
In 1996, Federal Reserve Board Governor Edward Kelley ordered the agency to begin developing Know Your Customer regulations, and the first draft was finished in summer 1997.
The Organization for Economic Cooperation and Development's money laundering task force also has endorsed Know Your Customer rules, calling them "the cornerstone" of the group's recommendations to member nations.
"The program should also be designed to allow banking organizations to monitor the transactions of their customers to ensure that they are consistent with their expected transactions, and identify and report, as necessary, those transactions that are unusual or suspicious," Herbert Biern, a top Fed official, told the House banking committee in June 1998.
The Fed and other banking regulators that have developed the rules say no new laws are required, arguing existing law gives them more enough authority.
"The FDIC has the statutory authority to promulgate this proposed regulation," the agency said.
But Congressman Ron Paul, a Texas Republican who serves on the House Banking committee, plans to nix their plans. "This massive new program-euphemistically called 'Know Your Customer'-would convert our nation's banks into wholly owned subsidiaries of the government-wide movement to invade every aspect of Americans' privacy," Paul wrote in a recent column.
Paul plans to introduce legislation early next year to prevent Know Your Customer from becoming reality, an aide said.
"These costs get passed on to consumers," said Brad Jansen, legislative assistant to Paul. "We've already effectively deputized bank tellers. Now we're making them private investigators as well."
In the final draft of the rules, the effective date was postponed from October 1999 to April 2000 to allow for Y2K repairs of banks' computer systems.
Some banks have opposed the measure, but outcry has been muted since federal law immunizes financial institutions from liability when disclosing suspicious customer activities to the government.
"The majority of our membership doesn't need to fill out more forms and profile people because they already know them," said Steve Scurlock, executive vice president of the Independent Bankers Association of Texas.
"They've seen these people for the last 20 years," Scurlock said. "They go to church with them. They coach their sons in Little League baseball. To have more forms to fill out is exactly the wrong thing to do."
These regulations are another example of the government asking the private sector to do its dirty work, economist Richard Rahn argues.
"Businesses ought not to do the things that government should do. And governments ought not to be in business," said Rahn, CEO of Novecon and author of the forthcoming book The End of Money.
The combination of sky-high compliance costs for banks and the relatively few money laundering prosecutions isn't worth it, Rahn said. "The real cost of each money laundering conviction is more than $100 million dollars," he said.
Rahn estimates that between 1987 and 1996, banks have filed more than 77 million currency transaction reports-weighing in at 308,000 pounds-with the US Treasury. That's 531 pounds per conviction.