United States

FinCEN issues advisory and FAQs related to cyber-events


The Financial Crimes Enforcement Network (FinCEN) issued Advisory FIN-2016-A005 to help financial institutions understand their Bank Secrecy Act (BSA) reporting obligations of cyber-events and cyber-enabled crime. The advisory does not change existing regulatory expectations, but does provide insight into a variety of areas:

  • Financial institutions must continue to comply with applicable federal and state requirements and guidance related to cyber-enabled crime and cyber events. Financial institutions not only are required to file a suspicious activity report (SAR), but must also comply with other applicable requirements to notify regulatory agencies of events involving critical systems and information or of disruptions in their ability to operate. The advisory reviews guidelines for filing SARs to report cyber-events, including the proper completion of SARs, and provides examples of cyber events that would lead to SAR reporting.

  • Encourages collaboration between the BSA, fraud prevention, cybersecurity and other areas of the institution to conduct a more comprehensive threat assessment to better identify, report and mitigate cyber-events.

  • Reviews the benefits of information sharing between financial institution and the safe harbor offered by Section 314(b) of the USA PATRIOT Act. Sharing information may provide institutions an accurate picture of possible threats and provide them with opportunities for accurate decision-making within risk mitigation strategies.

To supplement the advisory, FinCEN also issued Frequently Asked Questions (FAQs) related to cyber-events, cyber-enabled crime and reporting cyber-related information in SARs. These FAQs supersede similar FAQs published in 2001 and provide additional information that was not addressed in the previous FAQs.