[House Report 118-317]
[From the U.S. Government Publishing Office]
118th Congress } { REPORT
HOUSE OF REPRESENTATIVES
1st Session } { 118-317
======================================================================
FINANCIAL PRIVACY ACT OF 2023
_______
December 13, 2023.--Committed to the Committee of the Whole House on
the State of the Union and ordered to be printed
_______
Mr. McHenry, from the Committee on Financial Services, submitted the
following
R E P O R T
[To accompany H.R. 5485]
The Committee on Financial Services, to whom was referred
the bill (H.R. 5485) to require the Secretary of the Treasury
to provide for greater transparency and protections with regard
to Bank Secrecy Act reports, and for other purposes, having
considered the same, reports favorably thereon with an
amendment and recommends that the bill as amended do pass.
The amendment is as follows:
Strike all after the enacting clause and insert the
following:
SECTION 1. SHORT TITLE.
This Act may be cited as the ``Financial Privacy Act of 2023''.
SEC. 2. FINDINGS.
The Congress finds the following:
(1) Pursuant to the Bank Secrecy Act (``BSA''), the Secretary
of the Treasury, acting through the Financial Crimes
Enforcement Network (``FinCEN''), collects millions of reports
annually on the economic activity of ordinary Americans.
(2) Since 2001, FinCEN has applied the BSA to collect over
322,000,000 Currency Transaction Reports and more than
36,000,000 Suspicious Activity Reports, as well as nearly
5,000,000 Form 8300 Reports. In addition, FinCEN expects to
amass beneficial ownership information (``BOI'') from
32,000,000 companies in its initial year of collection, plus
5,000,000 additional companies implicated each year thereafter.
(3) The mass of reporting collected by FinCEN suggests that,
while certain BSA reports might prove useful to combat illicit
finance, the bulk of BSA-related data may possess little to no
nexus to legitimate law enforcement or intelligence purposes,
even as it encompasses highly sensitive details on the everyday
lives of Americans.
(4) By law, the Secretary of the Treasury must ensure the
security and confidentiality of BSA data. In a Notice of
Proposed Rulemaking from December 2022, FinCEN acknowledged
that ``BOI is highly sensitive information. FinCEN therefore
views it as critical to mitigate the risk of unauthorized
disclosure of BOI as much as possible.''.
SEC. 3. REPORTS TO CONGRESS; REVIEW OF PROTOCOLS FOR AGENCY ACCESS TO
REPORTS.
(a) In General.--Chapter 53 of title 31, United States Code, is
amended--
(1) in subchapter II, by inserting after section 5326 the
following:
``Sec. 5327. Reports to Congress; Review of protocols for agency access
to reports
``(a) Reports to Congress.--Not later than 180 days following the
date of the enactment of this section, and annually thereafter, the
Secretary of the Treasury shall submit to the Committee on Financial
Services of the House of Representatives and the Committee on Banking,
Housing, and Urban Affairs of the Senate a report containing the
following:
``(1) The number of reports, by type, filed each year with
the Financial Crimes Enforcement Network (`FinCEN') under this
subchapter since January 1, 2022.
``(2) The total number of reports filed under this subchapter
retained by FinCEN.
``(3) A description of any written protocols or guidance from
the Secretary to national security, law enforcement, or
intelligence agencies regarding agency access to, and retention
or dissemination of, information held by FinCEN from reports
filed under this subchapter, including--
``(A) a description of any updates to the protocols
or guidance during the reporting period;
``(B) the number of queries by such agencies to
access the information during the reporting period; and
``(C) any denials of requests for, or revocations of,
access by a national security, law enforcement, or
intelligence agency, or by any employee thereof, with a
description of the reasons for the denial or
revocation, as the case may be.
``(b) Review and Revision of Protocols.--In consultation with the
Director of National Intelligence and the Attorney General, the
Secretary of the Treasury shall annually review and, as appropriate,
revise any written protocols or guidance described under subsection (a)
for the purposes of--
``(1) better tailoring the collection, retention, and
dissemination of information filed under this subchapter to
authorized national security, law enforcement, or intelligence
objectives;
``(2) enforcing prohibitions against unauthorized disclosure
of such information; and
``(3) protecting fully the legal rights of all United States
persons, including freedoms, civil liberties, and privacy
rights guaranteed by Federal law.
``(c) Congressional Requests; Notice of Changes.--
``(1) Requests for information.--Upon request of the chair or
ranking member of the Committee on Financial Services of the
House of Representatives or the Committee on Banking, Housing,
and Urban Affairs of the Senate, the Secretary shall provide a
copy of any written protocols or guidance described in
subsection (a)(3).
``(2) Notice of changes.--Not later than 30 days after
revising any written protocols or guidance described in
subsection (a)(3), the Secretary shall provide a copy of such
revised written protocols or guidance to the Committee on
Financial Services of the House of Representatives and the
Committee on Banking, Housing, and Urban Affairs of the
Senate.''; and
(2) in the table of contents for such chapter, by inserting
after the item relating to section 5326 the following:
``5327. Reports to Congress; Review of protocols for agency access to
reports.''.
(b) Sunset.--On the date that is the end of the 7-year period
beginning on the date of enactment of this Act--
(1) section 5327 of title 31, United States Code, is
repealed; and
(2) the table of contents for chapter 53 of title 31, United
States Code, is amended by striking the item relating to
section 5327.
Purpose and Summary
Introduced on September 14, 2023, by Representative French
Hill, H.R. 5485, the Financial Privacy Act of 2023, would
require an annual report to Congress on data collected and
retained by the Secretary of the Department of the Treasury
under the Bank Secrecy Act (BSA). The bill would further
require the Secretary to report on protocols governing the
retention and dissemination of this data, as well as notify
Congress of any updates to the protocols. Finally, it would
require an annual review of the protocols by the Secretary.
Background and Need for Legislation
Under legal provisions collectively referred to as the BSA,
the Financial Crimes Enforcement Network (FinCEN) requires
financial institutions and other businesses to submit reports
that may assist the Treasury Department's anti-money
laundering/combatting the financing of terrorism (AML/CFT)
efforts. These reports include suspicious activity reports
(SARs) and currency transaction reports (CTRs). It will also
include beneficial reporting data as mandated by the Corporate
Transparency Act beginning in January 2024.
Since 2001, FinCEN has collected more than 350 million SARs
and CTRs. Each day, FinCEN receives approximately 55,000 BSA
records. It expects to receive beneficial ownership information
from 32 million companies in its initial year of implementation
in addition to the current BSA records.
On August 31, 2023, Treasury's Office of Inspector General
(IG) issued an audit of FinCEN's ``suppression'' process. This
process is supposed to restrict access to inaccurate,
duplicative, or sensitive data. According to the IG, ``FinCEN
did not: (1) timely process and adequately document the
disposition of suppression requests, to include notifying
requesters in writing; and (2) ensure that bulk data recipients
removed suppressed records from their respective
databases.''\1\
---------------------------------------------------------------------------
\1\Office of Inspector General, Department of the Treasury. (2023)
Audit of FinCEN's Management of BSA Data--Suppression Report. (OIG-23-
030) https://oig.treasury.gov/sites/oig/files/2023-09/OIG-23-030.pdf
---------------------------------------------------------------------------
The August IG audit is the first in a series of reports
examining FinCEN's BSA data management. These reports are
expected to be similarly critical of FinCEN's processes and
procedures. The Financial Privacy Act will allow for stronger
oversight of FinCEN procedures and inform Congress of the scope
of data collection under the BSA.
Hearing
Pursuant to clause 3(c)(6) of rule XIII, the following
hearing was used to develop H.R. 5485: The Subcommittee on
National Security, Illicit Finance, and International Financial
Institutions of the Committee on Financial Services held a
hearing on April 27, 2023, titled ``Oversight of the Financial
Crimes Enforcement Network (FinCEN) and the Office of Terrorism
and Financial Intelligence (TFI)''.
Committee Consideration
The Committee on Financial Services met in open session on
September 20, 2023, and ordered H.R. 5485 to be reported
favorably to the House as amended by a recorded vote of 47 ayes
to 0 nays (Record vote no. FC-100), a quorum being present.
Before the question was called to order the bill favorably
reported, the Committee adopted an amendment in the nature of a
substitute offered by Mr. Hill by voice vote.
Committee Votes
Clause 3(b) of rule XIII of the Rules of the House of
Representatives requires the Committee to list the record votes
on the order to report legislation and amendments thereto. H.R.
5485 was ordered reported favorably to the House as amended by
a recorded vote of 47 ayes to 0 nays (Record vote no. FC-100),
a quorum being present.
Committee Oversight Findings
Pursuant to clause 3(c) of rule XIII of the Rules of the
House of Representatives, the findings and recommendations of
the Committee, based on oversight activities under clause
2(b)(1) of rule X of the Rules of the House of Representatives,
are incorporated in the descriptive portions of this report.
Performance Goals and Objectives
Pursuant to clause 3(c)(4) of rule XIII of the Rules of the
House of Representatives, the goal of H.R. 5485 is to require
an annual report to Congress on data collected and retained by
the Secretary of the Treasury under the BSA. The bill would
further require the Secretary to report on protocols governing
the retention and dissemination of this data, as well as notify
Congress of any updates to the protocols.
Congressional Budget Office Estimates
Pursuant to clause 3(c)(3) of rule XIII of the Rules of the
House of Representatives, the Committee adopts the cost
estimate provided by the Congressional Budget Office pursuant
to section 402 of the Congressional Budget Act of 1974.
New Budget Authority, Entitlement Authority, and Tax Expenditures
Pursuant to clause 3(c)(2) of rule XIII of the Rules of the
House of Representatives, the Committee adopts as its own the
estimate of new budget authority, entitlement authority, or tax
expenditures or revenues contained in the cost estimate
prepared by the Director of the Congressional Budget Office
pursuant to section 402 of the Congressional Budget Act of
1973.
Federal Mandates Statement
Pursuant to section 423 of the Unfunded Mandates Reform
Act, the Committee adopts as its own the estimate of the
Federal mandates prepared by the Director of the Congressional
Budget Office.
Advisory Committee Statement
No advisory committees within the meaning of section 5(b)
of the Federal Advisory Committee Act were created by this
legislation.
Applicability to Legislative Branch
The Committee finds that the legislation does not relate to
the terms and conditions of employment or access to public
services or accommodations within the meaning of section
102(b)(3) of the Congressional Accountability Act.
Earmark Identification
Pursuant to clause 9 of rule XXI of the Rules of the House
of Representatives, the Committee has carefully reviewed the
provisions of the bill and states that the provisions of the
bill do not contain any congressional earmarks, limited tax
benefits, or limited tariff benefits within the meaning of the
rule.
Duplication of Federal Programs
Pursuant to clause 3(c)(5) of rule XIII of the Rules of the
House of Representatives, the Committee states that no
provision of the bill establishes or reauthorizes a program of
the Federal Government known to be duplicative of another
Federal program, including any program that was included in a
report to Congress pursuant to section 21 of the Public Law
111-139 or the most recent Catalog of Federal Domestic
Assistance.
Section-by-Section Analysis of the Legislation
Section 1. Short title
This Act may be cited as the ``Financial Privacy Act of
2023''.
Section 2. Findings
The Congress finds:
(1) The Financial Crimes Enforcement Network (FinCEN)
collects millions of reports annually on the economic
activity of ordinary Americans through the Bank Secrecy
Act (BSA).
(2) Since 2001, FinCEN has collected over 322,000,000
Currency Transaction Reports, and 5,000,000 Form 8300
Reports. In addition, FinCEN expects to collect
beneficial ownership information (BOI) from 32,000,000
companies in its initial year of collection, and an
additional 5,000,000 per year thereafter.
(3) The bulk of data collected by FinCEN possesses
little or no nexus to legitimate law enforcement or
intelligence purposes yet encompasses highly sensitive
details of citizens.
(4) The Secretary of the Treasury must ensure the
security and confidentiality of data collected. FinCEN
has acknowledged that BOI is highly sensitive
information.
Section 3. Reports to Congress; Review of protocols for agency access
to reports
Section 3 requires an annual report to Congress on data
collected and retained by the Secretary of the Treasury under
the Bank Secrecy Act. In addition, it requires the Secretary to
report on protocols governing the retention and dissemination
of this data, as well as notify Congress of any updates to the
protocols. It requires an annual review of the protocols by the
Secretary, including for the purpose of safeguarding civil
liberties and privacy rights.
Changes in Existing Law Made by the Bill, as Reported
In compliance with clause 3(e) of rule XIII of the Rules of
the House of Representatives, changes in existing law made by
the bill, as reported, are shown as follows (existing law
proposed to be omitted is enclosed in black brackets, new
matter is printed in italics, and existing law in which no
change is proposed is shown in roman):
TITLE 31, UNITED STATES CODE
* * * * * * *
SUBTITLE IV--MONEY
* * * * * * *
CHAPTER 53--MONETARY TRANSACTIONS
* * * * * * *
SUBCHAPTER II--RECORDS AND REPORTS ON MONETARY INSTRUMENTS TRANSACTIONS
* * * * * * *
5327. Reports to Congress; Review of protocols for agency access to
reports.
* * * * * * *
SUBCHAPTER II--RECORDS AND REPORTS ON MONETARY INSTRUMENTS TRANSACTIONS
* * * * * * *
Sec. 5327. Reports to Congress; Review of protocols for agency access
to reports
(a) Reports to Congress.--Not later than 180 days following
the date of the enactment of this section, and annually
thereafter, the Secretary of the Treasury shall submit to the
Committee on Financial Services of the House of Representatives
and the Committee on Banking, Housing, and Urban Affairs of the
Senate a report containing the following:
(1) The number of reports, by type, filed each year
with the Financial Crimes Enforcement Network
(``FinCEN'') under this subchapter since January 1,
2022.
(2) The total number of reports filed under this
subchapter retained by FinCEN.
(3) A description of any written protocols or
guidance from the Secretary to national security, law
enforcement, or intelligence agencies regarding agency
access to, and retention or dissemination of,
information held by FinCEN from reports filed under
this subchapter, including--
(A) a description of any updates to the
protocols or guidance during the reporting
period;
(B) the number of queries by such agencies to
access the information during the reporting
period; and
(C) any denials of requests for, or
revocations of, access by a national security,
law enforcement, or intelligence agency, or by
any employee thereof, with a description of the
reasons for the denial or revocation, as the
case may be.
(b) Review and Revision of Protocols.--In consultation with
the Director of National Intelligence and the Attorney General,
the Secretary of the Treasury shall annually review and, as
appropriate, revise any written protocols or guidance described
under subsection (a) for the purposes of--
(1) better tailoring the collection, retention, and
dissemination of information filed under this
subchapter to authorized national security, law
enforcement, or intelligence objectives;
(2) enforcing prohibitions against unauthorized
disclosure of such information; and
(3) protecting fully the legal rights of all United
States persons, including freedoms, civil liberties,
and privacy rights guaranteed by Federal law.
(c) Congressional Requests; Notice of Changes.--
(1) Requests for information.--Upon request of the
chair or ranking member of the Committee on Financial
Services of the House of Representatives or the
Committee on Banking, Housing, and Urban Affairs of the
Senate, the Secretary shall provide a copy of any
written protocols or guidance described in subsection
(a)(3).
(2) Notice of changes.--Not later than 30 days after
revising any written protocols or guidance described in
subsection (a)(3), the Secretary shall provide a copy
of such revised written protocols or guidance to the
Committee on Financial Services of the House of
Representatives and the Committee on Banking, Housing,
and Urban Affairs of the Senate.
[Section 3(a) of H.R. 5485 (as reported) provides for
amendments to add a new section 5327 after section 5326 (shown
above in italic typeface) and conforms the table of contents
for chapter 53 by inserting a new item relating to section
5327. Subsection (b) of such section states ``On the date that
is the end of the 7-year period beginning on the date of
enactment of this Act, section 5327 is repealed'' and also
strikes the item relating to section 5327 in the table of
contents. Upon such date, section 5327 (as so added) is
repealed as follows:]
[Sec. 5327. Reports to Congress; Review of protocols for agency access
to reports
[(a) Reports to Congress.--Not later than 180 days following
the date of the enactment of this section, and annually
thereafter, the Secretary of the Treasury shall submit to the
Committee on Financial Services of the House of Representatives
and the Committee on Banking, Housing, and Urban Affairs of the
Senate a report containing the following:
[(1) The number of reports, by type, filed each year
with the Financial Crimes Enforcement Network
(``FinCEN'') under this subchapter since January 1,
2022.
[(2) The total number of reports filed under this
subchapter retained by FinCEN.
[(3) A description of any written protocols or
guidance from the Secretary to national security, law
enforcement, or intelligence agencies regarding agency
access to, and retention or dissemination of,
information held by FinCEN from reports filed under
this subchapter, including--
[(A) a description of any updates to the
protocols or guidance during the reporting
period;
[(B) the number of queries by such agencies
to access the information during the reporting
period; and
[(C) any denials of requests for, or
revocations of, access by a national security,
law enforcement, or intelligence agency, or by
any employee thereof, with a description of the
reasons for the denial or revocation, as the
case may be.
[(b) Review and Revision of Protocols.--In consultation with
the Director of National Intelligence and the Attorney General,
the Secretary of the Treasury shall annually review and, as
appropriate, revise any written protocols or guidance described
under subsection (a) for the purposes of--
[(1) better tailoring the collection, retention, and
dissemination of information filed under this
subchapter to authorized national security, law
enforcement, or intelligence objectives;
[(2) enforcing prohibitions against unauthorized
disclosure of such information; and
[(3) protecting fully the legal rights of all United
States persons, including freedoms, civil liberties,
and privacy rights guaranteed by Federal law.
[(c) Congressional Requests; Notice of Changes.--
[(1) Requests for information.--Upon request of the
chair or ranking member of the Committee on Financial
Services of the House of Representatives or the
Committee on Banking, Housing, and Urban Affairs of the
Senate, the Secretary shall provide a copy of any
written protocols or guidance described in subsection
(a)(3).
[(2) Notice of changes.--Not later than 30 days after
revising any written protocols or guidance described in
subsection (a)(3), the Secretary shall provide a copy
of such revised written protocols or guidance to the
Committee on Financial Services of the House of
Representatives and the Committee on Banking, Housing,
and Urban Affairs of the Senate.]
* * * * * * *
[all]