Since the Bank Secrecy Act was enacted in 1970, the clear focus of the Act has been to assist the government in fighting money laundering, and more recently after 9/11, to help fight terrorism.
Initially, banks were encouraged and are now required to establish guidelines and procedures to identify potential money laundering schemes in order to file Suspicious Activity Reports (SAR) with the government. One of the most important tools used by banks to expose criminal activity has been to adopt "Know Your Customer" guidelines that help detect suspicious activity by account holders. "Know Your Customer" has never been specifically defined so that each financial institution can set up procedures best suited for its own operations.
Certainly, smaller banks in rural areas with more direct contact with customers adopt "Know Your Customer" policies that are different than larger institutions in major urban areas. Since banks have had to develop "Know Your Customer" policies to comply with the Bank Secrecy Act requirements, many have used the guidelines for broader purposes such as the safety and soundness, and integrity of the bank.
The Government's efforts to encourage banks to freely file SARs include safe harbor provisions that were developed to insulate banks from liability for filing a SAR. (The only notable exception is where a bank has intentionally or maliciously filed a SAR without a proper basis solely to hurt the account holder or for revenge.)
Additionally, financial institutions are prohibited from informing the account holder of the filing of a SAR or the contents of such a report. Importantly, the safe harbor provisions do not insulate a bank from claims by third parties alleging the bank failed to follow Bank Secrecy guidelines such as "Know Your Customer" policies or for decisions not to file an SAR. Today, claims are being made by investors, trustees in bankruptcy, and receivers alleging that the bank did not follow its own procedures and guidelines which were developed originally for the purpose of complying with the Bank Secrecy Act. Adopting "Know Your Customer" policies for purposes broader than Bank Secrecy Act compliance, for example, to protect the bank's reputation or avoid being associated with unlawful activity, may result in claims who believe that the bank must follow "Know Your Customer" policies for their benefit. The "assumed" duty may go as far as to require a bank to evaluate the payees in various transactions with the account holder as part of "Know Your Customer" policies.
Certainly, those familiar with the banking industry are aware that to "Know Your Customer" does not mean the bank is responsible for evaluating how an account holder, corporate or otherwise, chooses to spend its money. However, what a jury or even a Judge may believe a bank's duty is, particularly in light of broad based "Know Your Customer" policies, is not clear. For example, let's assume a corporate account holder is in the business of developing property and raises money from investors for that purpose and the investor's funds are deposited in the corporate operating account. Let's assume some of the money is used to buy dozens of exotic cars or is sent to casino/hotels, does the bank have an obligation under the "Know Your Customer" policy to question those transactions? (Given that whatever payments were made were done by an authorized signatory and there were sufficient funds in the account.)
It is clear to those in banking that determining whether payments or withdrawals by a customer are related specifically to the account holder's business is not the purpose of the "Know Your Customer" policy. However, that is not necessarily true of the general public, particularly if a bank establishes broad objectives for the "Know Your Customer" policies.
Several steps should be taken by banks to protect themselves against third party or account holder claims based on the "Know Your Customer" policies.
First, make sure the "Know Your Customer" policy is specifically a part of the bank's compliance with the Bank Secrecy Act and is clearly defined as such in the guidelines and manuals. Second, review the language of the "Know Your Customer" policies to make sure it is specific and the purpose is clearly stated to identify money laundering and other criminal activity. If a stated purpose for the "Know Your Customer" policy is to preserve the good name of the bank or maintain good relationships with its customers and the community, a claim for failure to live up to those very general standards is more likely. Until, or unless, the government expands safe harbor provisions to include the application of "Know Your Customer" policies, financial institutions will continue to be subjected to claims for failure to properly follow those policies.
If these types of claims continue to grow, a natural side effect will be for banks to file a SAR in many more instances. They will err on the side of filing a report when anything "suspicious" arises in an account, so that the bank can protect itself under the safe harbor provisions. Certainly, a flood of SARs will not benefit the government's efforts to fight crime and terrorism. However, a bank cannot be expected to subject itself to claims for using good and proper discretion when deciding whether to file a SAR.
A bank needs to know its customers, but it should not inadvertently create a duty to its account holders or others by creating broad objectives when the real purpose is to comply with the Bank Secrecy Act. In this case, less is more.
Alvin Lodish is head of the litigation department with Miami law firm Bilzin Sumberg Baena Price & Axelrod. For additional information, firstname.lastname@example.org or visit the firm's Web site at www.bilzin.com.