BioCatch Blog Channel

Browse Topics

The regulatory roadblocks to financial crime information sharing

Written by:

Heidi Bleau

The regulatory roadblocks to financial crime information sharing featured image

According to the United Nations Office on Drugs and Crime, the estimated amount of money laundered globally each year is between $800 billion and $2 trillion. Funds from illicit activities – from financial fraud and terrorist financing to drug and human trafficking, flow across multiple institutions and jurisdictions every day. The need for a collaborative, real-time information sharing framework is crucial to cut off the movement of money from financial crimes, however, regulatory roadblocks have prevented financial institutions and law enforcement from doing so.

These restrictions are evident in frameworks like Section 314(b) of the USA PATRIOT Act, which governs how and when banks can exchange information. While well-intentioned, regulations have inadvertently had the opposite effect. The current regulatory environment limits collaborative potential, forcing banks to operate under stringent conditions as guidance is often unclear and fraught with legal, privacy, and operational hurdles.

The result: Every transaction that even has a smell of suspicious gets reported which leads to:

Huge operational expenses: Operational expenses related to AML and financial crime prevention can range from 4% to 2.4% of a bank’s operating costs, according to a study by the U.S. Government Accountability Office. This number is likely higher for smaller banks and credit unions relative to their resources.

High false positives: According to recent Gartner research, regulators receive a disproportionate number of false positives in the cases they receive - with a ratio of up to 95% in some instances.

Lack of enforcement action: A study conducted by the Bank Policy Institute found that of more than 640,000 Suspicious Activity Reports filed, only 4% resulted in any follow up action from law enforcement.

Challenges of Section 314(b)

Section 314(b) of the USA PATRIOT Act was introduced in 2001 as a framework allowing financial institutions to share information with each other to detect and report potential money laundering or terrorist activities. This section provides a "safe harbor" from liability, which, in theory, should encourage more banks to participate in information sharing initiatives. However, participation in 314(b) is voluntary, meaning institutions can choose whether or not to engage. This voluntary nature significantly limits the scope and impact of the regulation.

One of the primary issues with 314(b) is its complexity. Financial institutions must file annual certifications with the Financial Crimes Enforcement Network (FinCEN) to confirm their participation, and they must follow strict protocols when sharing information to ensure the data is being used appropriately. The procedures involved in sharing data are often slow and bureaucratic, making it difficult for institutions to exchange information in real-time. Banks need to navigate multiple layers of approval and review before they can share even basic transactional data with other institutions.

Additionally, the statute is often misunderstood within the industry. There is still a belief that information sharing under 314(b) is limited to cases of money laundering or terrorism financing, despite FinCEN's guidance that it can also apply to other crimes like fraud. This misunderstanding further reduces the number of institutions that engage in the program.

Financial institutions could also face certain liabilities for sharing information that leads to adverse outcomes, even if it was done so with good intention. For example, if Bank A shares data about a customer with Bank B, and Bank B takes action that negatively affects the customer, Bank A could be held liable if the action turns out to be unwarranted​. This potential for liability, coupled with the fear of regulatory penalties for mishandling customer data, discourages many institutions from participating in information-sharing programs, even when they have the legal authority to do so.

Real-time sharing: A missed opportunity

Perhaps the most significant limitation of Section 314(b) is that it does not facilitate real-time data sharing. Financial institutions often request information from each other only after identifying a suspicious activity, which can take days, if not weeks. The request is then passed through compliance teams, legal advisors, and investigators, delaying the process further. On average, it can take up to 120 days for a bank to receive and respond to a request for information. This delay renders the sharing process ineffective for preventing real-time threats, as fraudulent transactions are often completed long before the requested information is exchanged.

Moreover, the current system encourages a reactive rather than a proactive approach. Banks only share information when they already suspect something is wrong, but by that time, the damage may already be done. What’s needed is a system that allows financial institutions to share information on emerging threats and suspicious transactions before they become fully realized fraud cases.

Creating a path forward: Regulatory reform and innovation

To overcome these challenges, there is a growing need for regulatory reform that facilitates real-time information sharing while protecting privacy and minimizing liability. One potential solution is to follow the model of the UK's Joint Money Laundering Intelligence Taskforce (JMLIT), which brings together banks, regulators, and law enforcement agencies to share information in real-time. JMLIT has been highly successful in preventing financial crimes through its collaborative approach, and a similar model could be adopted in the U.S.

Another solution is the development of secure platforms that allow banks to share information about suspicious transactions without exposing personal identifiable information (PII). These platforms could use encrypted data exchanges to alert institutions about potentially fraudulent activities, enabling them to take preventive measures while adhering to privacy regulations.

Ultimately, regulatory bodies need to provide clearer guidance and stronger incentives for banks to participate in information-sharing programs. By reducing the fear of liability and promoting a culture of collaboration, regulators can help build a financial system that is better equipped to handle the ever-evolving threats of financial crime.

Conclusion

The ability to share information in real-time could be a game-changer for the financial industry, enabling institutions to detect and prevent financial crimes more effectively. However, regulatory roadblocks, concerns about privacy, and fears of liability continue to hinder this progress. Until these challenges are addressed through regulatory reform and innovative solutions, financial institutions will remain hamstrung in the fight against financial crime.

Learn more

BioCatch recently partnered with the Knoble and experts in the banking, law enforcement, and legal community to create a guide that examines the challenges that existing regulations present to financial institutions when it comes to data sharing related to financial crimes. Download the guide today to learn more and get practical advice and recommendations on how to pave a path towards progress.

Recent Posts

America is behind in the scam fight: Why this bank CEO wants a national strategy Mule Accounts
April 17, 2025 America is behind in the scam fight: Why this bank CEO wants a national strategy
Read article
The war is coming: Agentic AI and the next wave of attacks Social engineering scams
April 15, 2025 The war is coming: Agentic AI and the next wave of attacks
Read article
France: Western Europe’s top spot for organized crime Fraud Prevention
April 11, 2025 France: Western Europe’s top spot for organized crime
Read article