Emerging reports indicate Syed Farook made a series of questionable banking transactions in the weeks before he and his wife killed fourteen people in their terrorist attack in San Bernardino.

These transactions raise yet again the question of whether financial institutions could play a larger part in interdicting terrorists.  The transactions may have been subject to reporting requirements under the Bank Secrecy Act (“BSA”), but the reports would have come too late.

Under the BSA and supporting regulations financial institutions must file Suspicious Activity Reports (“SAR”) within 30 days of a variety of large, unusual or structured transactions.  A structured transaction or series of transactions is designed to evade reporting requirements or additional scrutiny.  The Federal Financial Institutions Examination Counsel’s (“FFIEC”) Examination Manual notes that “[s]uspicious activity reporting forms the cornerstone of the BSA reporting system.”

According to the Financial Crimes Enforcement Network (“FinCEN”), the BSA:

requires financial institutions to keep records of cash purchases of negotiable instruments, file reports of cash transactions exceeding $10,000 (daily aggregate amount), and to report suspicious activity that might signify money laundering, tax evasion, or other criminal activities.

The FFIEC’s guidance on structured transactions notes further that, “[e]ven if structuring has not occurred, the bank should review the transactions for suspicious activity.”

Tracking terrorists through the flow of money and cutting off their resources has been a major focus in the war on terror.  Yet despite SARs’ front-line role in counter-terrorism efforts, FinCEN reports dozens of enforcement actions since 9/11.

Farook reportedly received a $28,500 deposit and subsequently withdrew $10,000 cash and made three separate $5,000 transfers to his mother. The deposit, the $10,000 cash transaction and the repeated transfers to Farook’s mother all could have been subject to additional scrutiny as structured transactions under the BSA.

The banks connected with these transactions have declined to comment on the investigation, including the specific question of whether the $10,000 cash withdrawal triggered reporting requirements.

Institutions subject to the BSA must file a SAR within 30 days after the underlying event, and Farook’s reported transactions were all within two weeks of the attack, so no SAR would have been required by the time of the attacks in any event.  It remains to be seen whether Farook made any other suspicious transactions outside the 30-day reporting window.

The BSA’s 30-day grace period for filing SARs presumably reflects the practical realities of operating a financial institution processing millions of transactions or more per day.

Identifying, investigating and compiling the necessary information on potentially suspicious transactions cannot be done instantaneously.  Still, with banks unwittingly facilitating terrorist attacks at least as far back as 9/11, it is worth revisiting what transactions require reporting, under what circumstances, and how quickly, as well as what analytical technology might be available to identify suspicious transactions more efficiently.