Pub. 8 2018-2019 Issue 2

8 O V E R A C E N T U R Y : B U I L D I N G B E T T E R B A N K S - H E L P I N G C O L O R A D A N S R E A L I Z E D R E A M S FEATURE ARTICLE CHANCE WILLIAMS, CRCM COMPLIANCE SPECIALIST Cyber-Event is an attempt to compromise or gain unauthorized electronic access to electronic systems, services, resources, or information. I n late January of 2018, FinCEN announced the update to the Suspicious Activity Report (SAR) that will be available on June 22, 2018. The updated SAR form has been revised and includes half a dozen changes. These chang- es include: a new field that will alert FinCEN to the SAR being filed in response to specific geo - graphic targeting orders (GTO), advisories, or other activity, a new field for type of suspicious activity “Cyber Event”, a new field in the “Cyber Event” indi - cator field that allows the filer to report various events such as Command and control IP addresses, Ports, suspicious file names, and more. In conjunc- tion with the new field, there were updates to existing fields such as: subtype selections associated with various suspi- cious activity types, revisions to date and time stamp fields relating to activities being conducted on a schedule or random in nature, selections associated with suspicious activity product types, and subtypes associated with Secu- rities and Futures. In addition to the above noted revisions, batch filers will be required to submit SAR information in a XML file format rather than in fixed-length file delimitation, such as the current ASCII. First, let’s discuss the new field, located in Filing Insti - tution note to FinCEN, which will alert FinCEN to the SAR being filed in response to spe - cific GTO, advisories, or other activity. FinCEN announced in 2016 they were concerned that all-cash purchases may be conducted by individuals attempting to hide assets and their identity, by making those purchases through shell com- panies. To better understand the role GTOs play, FinCEN began doing the needed re- search. FinCEN Acting Di- rector Jamal El-Hindi stated, “The information we have obtained fromour initial GTOs suggests that we are on the right track… By expanding the GTOs to other major cities, we will learn even more about the money laundering risks in the national real estate markets, helping us to determine our future regulatory course.” This new field will further assist FinCEN in protecting against the abuses of illicit actors on a larger scale. The second new field to dis - cuss is located in Part II. This new field is designed to capture “Cyber events” as they pertain to suspicious activity. Fin- CEN has defined these types of events as Cyber-Events, Cyber-Enables Crime or Cy- ber-Related Information. Cy- ber-Event is an attempt to com- promise or gain unauthorized electronic access to electronic systems, services, resources, or information. Cyber-Enabled Crimes are Illegal activities (e.g., fraud, money laundering, identity theft) carried out or fa- cilitated by electronic systems and devices, such as networks and computers. Cyber-Related Information is information that describes technical de- tails of electronic activity and behavior, such as IP addresses, timestamps, and Indicators of Compromise (IOCs). Cyber-re- lated information also includes, but is not limited to, data re- garding the digital footprint of individuals and their behavior. Many times, a cyber-event that FinCEN Announces Update to the Suspicious Activity Report (SAR)