The chief architect of widely-criticized update to the Bank Secrecy Act has resigned from the U.S. Treasury Department to join the Bank of America.
William J. Fox has headed Treasury's Financial Crimes Enforcement Network (FinCEN) since 2003. He will be Bank of America's "Senior Compliance Executive" for financial crimes.
Fox's directed the modernizing of banks' compliance with information-sharing requirements under the Bank Secrecy Act, which authorizes the Treasury Department to mandate that banks keep records of financial transactions that might be considered suspicious, and to provide these "Suspicious Activity Reports" to FinCEN in order to combat money laundering and funding for terrorist activity.
The PATRIOT Act of 2001 strengthened FinCEN's ability to mandate the sharing of financial transaction information between banks, through its "Section 314" and expansion of the BSA's mandate to include businesses with "heavy cash flow," such as check cashing businesses.
Fox's efforts centered around "BSA Direct," a new data analyzing system that would more effectively collate information from different banks using data-mining techniques, in order to identify unusual patterns of money transactions and possible criminal activity.
"Inadequate Controls"
The BSA has been heavily criticized for encouraging financial institutions to spy on their customers, and giving law enforcement and the government carte blanche to spy on individuals' financial transactions.
The PATRIOT Act's changes to the BSA have also been challenged as opening the door to allow banks to close customers' accounts and freeze their assets simply for withdrawing large amounts of money, or if they have Arabic names or surnames.
In testimony before Congress, Fox said that both the BSA and the new BSA Direct system were vital tools for sharing information between agencies in order to protect against terrorist attacks.
The BSA's enforcement has come with significant problems of its own. A May 2005 report by the Government Accountability Office (GAO) found significant weaknesses in the protection of personal financial information being collected by the Internal Revenue Service (IRS), for use by FinCEN for BSA reporting.
According to the GAO report, the investigators were able to access personal data from "Suspicious Activity Reports," including names, addresses, and Social Security numbers.
The report also claimed there were "inadequate controls" over access by unauthorized personnel to private and sensitive taxpayer information.
The GAO issued another report earlier this month reiterating the lack of security and oversight governing IRS contractors' access to Social Security numbers.
The BSA Direct program relies on several different contracting companies to provide components for the database. "We are profoundly concerned about the issues the GAO identified," Fox said in his testimony. "We will move very quickly to take all appropriate steps to ensure this data is protected."
