Banking Exchange Magazine Logo

FinCEN: Include IP information in SARs

Cyber-derived info very valuable to analysts

FinCEN: Include IP information in SARs

Financial institutions are urged to include cyber-derived information, such as internet protocol addresses or bitcoin wallet addresses, in their suspicious activity reports.

The head of the Financial Crimes Enforcement Network recently encouraged Bank Security Act reporters to include such information in order to help law enforcement analysts.

“Less than 2% of SARs filed contain IP information. This information is incredibly important to the FinCEN analysts and law enforcement investigators working to combat cybercrimes,” said Jennifer Shasky Calvery, director, FinCEN.

FinCEN needs SARs on cyber impact

Shasky Calvery made the plea in an address to a joint meeting of the Financial Services Sector Coordinating Council and the Financial and Banking Information Infrastructure Committee. (FSSCC is comprised of a number of financial trade associations, financial utilities, and major financial firms, who coordinate with the Treasury Department. FBIIC is comprised of 18 federal and state financial regulatory agencies.)

In addition to including IP addresses in SARs, Shasky Calvery encouraged reporting institutions “to file these SARs voluntarily on cyberattacks and to participate in voluntary information sharing with other financial institutions under the safe harbor” granted in the USA PATRIOT Act.

Such information might also be shared within lines of business within individual institutions, she said.

“There is information in various departments within a financial institution that may be useful and should be shared,” she said. “For example, information developed by those in your institution that work to combat cyber threats could also assist your institution in complying with its BSA/anti-money laundering obligations and assisting law enforcement to combat those threats.”

Sharing information streams

Calvery says her agency is exploring ways to increase information sharing from the public sector back to the private sector.

“While FinCEN is constrained from sharing certain SAR information with financial institutions, such as the filing institution or the customer and account information, we can provide research, analytical, and informational services to financial institutions to assist in the detection and prevention of terrorism, organized crime, money laundering, and other financial crimes,” she said.

Download Shasky Calvery’s speech

John Ginovsky

John Ginovsky is a contributing editor of Banking Exchange and editor of the publication’s Tech Exchange e-newsletter. For more than two decades he’s written about the commercial banking industry, specializing in its technological side and how it relates to the actual business of banking. In addition to his weekly blogs—"Making Sense of It All"—he contributes fresh, original stories to each Tech Exchange issue based on personal interviews or exclusive contributed pieces. He previously was senior editor for Community Banker magazine (which merged into ABA Banking Journal) and for ABA Banking Journal and was managing editor and staff reporter for ABA’s Bankers News. Email him at [email protected].

back to top


About Us

Connect With Us