Financial institutions are urged to include cyber-derived information, such as internet protocol addresses or bitcoin wallet addresses, in their suspicious activity reports.
The head of the Financial Crimes Enforcement Network recently encouraged Bank Security Act reporters to include such information in order to help law enforcement analysts.
“Less than 2% of SARs filed contain IP information. This information is incredibly important to the FinCEN analysts and law enforcement investigators working to combat cybercrimes,” said Jennifer Shasky Calvery, director, FinCEN.
FinCEN needs SARs on cyber impact
Shasky Calvery made the plea in an address to a joint meeting of the Financial Services Sector Coordinating Council and the Financial and Banking Information Infrastructure Committee. (FSSCC is comprised of a number of financial trade associations, financial utilities, and major financial firms, who coordinate with the Treasury Department. FBIIC is comprised of 18 federal and state financial regulatory agencies.)
In addition to including IP addresses in SARs, Shasky Calvery encouraged reporting institutions “to file these SARs voluntarily on cyberattacks and to participate in voluntary information sharing with other financial institutions under the safe harbor” granted in the USA PATRIOT Act.
Such information might also be shared within lines of business within individual institutions, she said.
“There is information in various departments within a financial institution that may be useful and should be shared,” she said. “For example, information developed by those in your institution that work to combat cyber threats could also assist your institution in complying with its BSA/anti-money laundering obligations and assisting law enforcement to combat those threats.”
Sharing information streams
Calvery says her agency is exploring ways to increase information sharing from the public sector back to the private sector.
“While FinCEN is constrained from sharing certain SAR information with financial institutions, such as the filing institution or the customer and account information, we can provide research, analytical, and informational services to financial institutions to assist in the detection and prevention of terrorism, organized crime, money laundering, and other financial crimes,” she said.