September 23, 2016 | Backgrounder on Economy
Financial and personal privacy is a key component of life in a free society, where individuals enjoy a private sphere free of government involvement, surveillance, and control. The U.S. financial regulatory framework is largely inconsistent with these ideas, and it is long past the time for fundamentally reforming the information exchange and reporting system that has grown over the past three decades. The current regulatory regime is overly complex and burdensome, and its ad hoc nature has likely impeded efforts to combat terrorism, enforce laws, and collect taxes. To better meet the needs of the citizens these laws are meant to serve, regulators must develop better information about the costs and benefits of the current regime, especially given that the current framework appears grossly cost ineffective. This Heritage Foundation Backgrounder recommends seven reforms to move the U.S. toward an improved financial privacy regime that protects individuals’ privacy rights while improving law enforcement’s ability to apprehend and prosecute criminals and terrorists.
Privacy, both financial and personal, is a key component of life in a free society. Unlike in totalitarian or authoritarian regimes, individuals in free societies have a private sphere free of government involvement, surveillance, and control. The United States Constitution’s Bill of Rights, particularly the Fourth, Fifth, and Ninth Amendments, together with structural federalism and separation of powers protections, is designed to further that end by protecting individual rights. The current financial regulatory framework is inconsistent with these principles.
In general, individuals should have control over who has access to information about their personal and financial lives. Individuals should be free to lead their lives unmolested and unsurveilled by government unless there is a reasonable suspicion that they have committed a crime or conspired to commit a crime. Any information-sharing regime must include serious safeguards to protect the privacy of individuals and businesses. Financial privacy is especially vital because it can be the difference between survival and systematic suppression of an opposition group in a country with an authoritarian government. Many businesses, dissidents, and human rights groups maintain accounts outside the countries where they are active for precisely this reason.
Financial privacy can allow people to protect their life savings when a government tries to confiscate its citizens’ wealth, whether for political, ethnic, religious, or “merely” economic reasons. Businesses need to protect their private financial information, intellectual property, and trade secrets from competitors in order to remain profitable. Financial privacy is of deep and abiding importance to freedom, and many governments have shown themselves willing to routinely abuse private financial information.
Many government agencies, in both the U.S. and other countries, are currently involved in collecting and disseminating private individuals’ information for the purpose of conducting their national security, law enforcement, and tax administration functions. The unique requirements for fulfilling each of these purposes dictate certain policy choices for designing an optimal financial-privacy regime. The current U.S. framework is overly complex and burdensome, and its ad hoc nature has likely impeded efforts to combat terrorism, enforce laws, and collect taxes. Efforts to improve the existing framework must focus on protecting individuals’ privacy rights while improving law enforcement’s ability to apprehend and prosecute criminals and terrorists.
Reform efforts also need to focus on costs versus benefits. The current framework, particularly the anti-money laundering (AML) rules, is clearly not cost-effective. As demonstrated below, the AML regime costs an estimated $4.8 billion to $8 billion annually. Yet, this AML system results in fewer than 700 convictions annually, a proportion of which are simply additional counts against persons charged with other predicate crimes. Thus, each conviction costs approximately $7 million, potentially much more. This Backgrounder recommends several major reforms for fixing the U.S. financial privacy framework, such as eliminating burdensome reporting requirements, raising certain reporting thresholds, exempting crowdfunding from AML rules, and instituting federal pre-emption of state regulation of money-transmission businesses. In addition, the Senate should not ratify the Protocol Amending the Multilateral Convention on Mutual Administrative Assistance in Tax Matters.
The list of national and international agencies, and national laws and international agreements, governing financial information exchange and reporting has grown preposterously long. For instance, there are more than 100 foreign financial intelligence units (FIUs) around the world, a role filled in the United States by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN). FIUs typically exchange financial information with their international counterparts based on national legislation and regulations. Private entities are required to collect and report voluminous information under the Bank Secrecy Act reporting provisions designed to enforce the AML laws and the know-your-customer (KYC) requirements.
Over 90 countries participate in either the original or amended Multilateral Convention on Mutual Administrative Assistance in Tax Matters. The U.S. has bilateral income tax treaties, protocols, and tax-information-exchange agreements with approximately 70 countries. In addition, private entities must provide a wide variety of information to the Internal Revenue Service (IRS) with respect to both domestic and foreign operations. In fiscal year (FY) 2015, more than 2.6 billion information returns were filed with the IRS. Both U.S. and foreign financial institutions must report on the financial activities of their U.S. customers under both the Foreign Account Tax Compliance Act (FATCA) and the qualified intermediary rules.
In addition, the terrorism-related Information Sharing Environment, a center within the Office of the Director of National Intelligence, involves approximately 18,000 federal, state, local, and tribal government agencies. The Federal Bureau of Investigation Criminal Justice Information Services Division operates a National Data Exchange and other programs. Interpol maintains various information-sharing databases that are made available to its 190 members.
The current system’s mind-numbing complexity and ad hoc nature impedes the effectiveness of governments’ efforts to combat terrorism, enforce the laws, and collect taxes, and it imposes substantial costs on the private sector. For instance, the current framework requires financial firms to file millions of reports each year even though records show that there are only approximately 2,000 AML investigations per year. Similarly, the wide discretion given to FinCEN to change reporting thresholds and requirements predisposes financial institutions to err on the side of filing too many reports rather than risk legal liability. The current approach, essentially focused on collecting as much information as possible, has led to the creation of multiple, expensive, and overlapping national and international bureaucracies. There is little doubt that the current system pays inadequate attention to the core values that underpin all free societies or to the cost-effectiveness of ever-increasing demands for more information reporting.
The first business of government is to protect the life, liberty, and property of its citizens. Accordingly, international information sharing directed at preventing terrorism, crime, and fraud is an important and appropriate function of government. However, all governments cannot be trusted to share the goals of protecting life, liberty, and property and upholding the rule of law, so U.S. policymakers must be careful about deciding with whom to share information. Corruption and ideology make information sharing with some governments highly problematic. Shared information can be used to oppress political opponents, to support terrorism, to identify kidnapping targets, to facilitate financial fraud, to enable identity theft, to further industrial espionage, or for other nefarious purposes. The ongoing abuse of Interpol Red Notices for political purposes by authoritarian governments provides a stark lesson in the dangers of the uncritical reliance on institutions created to promote information sharing.
Information sharing for law enforcement purposes should be limited to actions that a liberal democratic state would regard as criminal. Terrorism, violent crime, and fraud would clearly meet this test, while speaking out against one’s government, peaceful political or labor organizing, gambling, homosexual behavior, and tax evasion would not. No liberal democratic government should share, or be required to share, information for the purposes of enforcing laws that criminalize behavior that is not illegal under the laws of the government from which the information is being requested. This is sometimes known as the principle of dual criminality, and it should be adhered to in any information-sharing arrangement.
It is also true that many governments exploit (or are complicit in exploiting) information-sharing arrangements for inappropriate commercial purposes, such as industrial espionage or to further government confiscation or extortion. Therefore, any information-exchange regime must limit this risk and protect the commercial interests of participating countries. Any information-sharing regime needs to include serious safeguards to protect the privacy of both individuals and businesses. Currently, these safeguards are lax at best, and the U.S. should take the lead internationally to strengthen protections rather than succumb to international bureaucracies’ efforts to weaken privacy rights. A separate type of information sharing deals with cross-country agreements to share tax information.
One reason that tax-sharing agreements pose a unique set of challenges is that tax evasion is not a crime in many liberal democratic states. Instead, tax evasion is often treated as a civil violation. Naturally, the public benefit of preventing terrorist attacks or violent crime is greater than the benefit of preventing a civil violation, such as tax evasion. Therefore, the willingness to impose costs on the private sector and to violate the privacy interests of ordinary people should be less in the case of information sharing for tax purposes than for the purposes of preventing terrorism or crime.
Moreover, tax-information-sharing programs are quite often a veiled attempt to stifle tax competition from low-tax jurisdictions. Tax competition is salutary and limits the degree to which governments can impose unwarranted taxation. Furthermore, poorly constructed tax-sharing agreements put Americans’ private financial information at risk, and the risk is highest for internationally active American businesses.
To safeguard citizens’ rights, U.S. tax-return information under current law may only be lawfully disclosed to a foreign government pursuant to a ratified treaty authorizing the information exchange. The U.S. is currently party to a network of bilateral tax treaties and tax-information-exchange agreements, and the Multilateral Convention on Mutual Administrative Assistance in Tax Matters, a treaty agreed to on January 25, 1988, and entered into force in 1995.
Article 4 of the original convention states: “The Parties shall exchange any information, in particular as provided in this section, that is foreseeably relevant to…the assessment and collection of tax, and the recovery and enforcement of tax claims.” However, Article 5 provides that this obligation must be fulfilled only upon request by a government “for information referred to in Article 4 which concerns particular persons or transactions.” (Emphasis added.) Article 6 permits but does not require automatic exchange of information. Article 22 contains provisions designed to protect the privacy of the information exchanged by the contracting states.
Separately, countries around the world have entered into more than 500 bilateral tax-information-exchange agreements modeled on the Organization for Economic Co-operation and Development’s (OECD’s) model Agreement on Exchange of Information on Tax Matters. This model agreement, released in 2002, is a nonbinding instrument meant to serve as a standard of “effective exchange of information for the purposes of the OECD’s initiative on harmful tax practices.” Article 5 of the model agreement makes it clear that the information must be provided only upon request and that automatic provision of the information is not required. Article 8 of the OECD model contains privacy protections.
Recent Sharing Proposals Endanger Financial Privacy. The U.S. Senate is currently considering the “Protocol Amending the Multilateral Convention on Mutual Administrative Assistance in Tax Matters,” which would impose a wide variety of new information-reporting requirements on financial institutions to help foreign governments collect their taxes. A second treaty—worse than this protocol—is the follow-on OECD treaty known as the “Multilateral Competent Authority Agreement on Automatic Exchange of Financial Account Information.” This follow-on treaty implements both the protocol and the 311-page OECD “Standard for Automatic Exchange of Financial Account Information in Tax Matters.” Together, the protocol, the Multilateral Competent Authority Agreement, and the OECD Standard constitute the three main parts of a new automatic information-exchange regime being promoted by the OECD and international tax bureaucrats.
If the U.S. ratifies the protocol and implements the new OECD standard, Washington would automatically, and in bulk, ship private financial and tax information—including Social Security and other tax identification numbers—to Argentina, China, Colombia, Indonesia, Kazakhstan, Nigeria, Russia, and nearly 70 other countries. In other words, foreign governments that are hostile to the U.S., corrupt, or have inadequate data safeguards, would automatically have access to private financial (and other) information of some U.S. taxpayers and most foreigners with accounts in the U.S. This new regime would also add yet another layer to the voluminous compliance requirements imposed on financial institutions, hitting small banks and broker-dealers especially hard.
Financial privacy necessarily deals with financial transaction data, so many federal rules deal with firms transferring money. These rules, which often impose heavy compliance costs on companies, are spread throughout several sections of the U.S. code but they generally apply to financial institutions as defined by Title 31 U.S. Code § 5312. Most of these regulations are AML and KYC rules, and they are primarily enforced by FinCEN. Other than banks (broadly defined), securities dealers, and insurance companies, the U.S. Code now identifies many non-financial firms as “financial institutions,” including government agencies, casinos, pawnbrokers, jewelry shops, travel agencies, car dealers, and real estate companies. Broker-dealers must also comply with the Financial Industry Regulatory Authority Rule 3310, which sets forth minimum standards for a firm’s written AML compliance program.
Title 18 of the U.S. code prohibits the operation of an unlicensed money-transmitting business, and also prohibits the knowing transfer of funds derived from (or intended for) criminal activity. Title 18 considers a business unlicensed if it fails to comply with federal “money transmitting business registration requirements,” or if it operates without a state license if one is required. Additionally, Title 31 of the U.S. Code requires money-transmitting businesses to register with the U.S. Secretary of the Treasury. Banks and other financial institutions are also required to comply with a complex set of tax information-reporting requirements administered by the IRS. According to a search of the Legal Information Institute’s version of the U.S. Code and the Code of Federal Regulations (CFR), the term “money laundering” occurs 72 times in the code and 185 times in the CFR.
Many of these rules have their genesis in the Bank Secrecy Act (BSA) of 1970, an act originally aimed at deterring foreign banks from laundering criminal proceeds and helping people evade federal income taxes. The BSA was little used until it was amended by the Money Laundering Control Act of 1986, an explicit component of the federal war on drugs and organized crime. In the wake of 9/11, the USA PATRIOT Act levied new rules on an expanded list of “financial institutions,” and also imposed stricter due-diligence and AML requirements. Essentially, the BSA/AML rules ensure that firms cannot legally transfer any money without knowing who the customer is and having some idea of where the money came from.
The BSA gave banks an affirmative duty to report to the Department of the Treasury cash transactions of more than $10,000, and it criminalized the failure to report such transactions. Adjusted for inflation to 2015 dollars, this amount represents more than $60,000, but the threshold has never been adjusted for inflation. Banks must electronically file a currency transaction report (CTR) for any “deposit, withdrawal, exchange, or other payment or transfer of more than $10,000 by, through, or to the bank.” Financial institutions are also required to report multiple currency transactions conducted “by, or on behalf of, one person” that aggregate to more than $10,000 in any single day.
Aside from the fact that FinCEN has the discretion to lower the $10,000 threshold, the regulations go well beyond the basic $10,000 threshold CTRs. Banks, for instance, have a $5,000 threshold for filing suspicious activity reports (SARs). Other financial institutions, such as casinos, also have the $5,000 SAR threshold, and most money-service businesses (MSBs) have a $2,000 SAR threshold. Additionally, some states have extended AML rules and have given casinos a $3,000 multiple transaction log (MTL) threshold. Moreover, all financial institutions regarded as MSBs must obtain and record specific information for all transfers of at least $3,000, and all currency exchangers must track any exchange that exceeds $1,000 in either domestic or foreign currency.
Federal regulators also require financial institutions to institute formal compliance programs for the BSA/AML rules, and regulators heavily micromanage this process. For guidance, the Federal Financial Institutions Examination Council publishes a 442-page examination manual that outlines procedures and requirements for a BSA/AML compliance program. The manual includes an overview of, for example, an appropriate customer identification program (CIP) as well as customer due-diligence (CDD) “policies, procedures, and processes.” Section 326 of the USA PATRIOT Act requires each bank to have a written CIP that is “appropriate for its size and type of business and that includes certain minimum requirements.”
The CIP is mandated to enable banks to form a “reasonable belief” that they know the true identity of each customer. Effective CDD programs, on the other hand, are meant to enable banks to “comply with regulatory requirements and to report suspicious activity.” Additionally, Section 1073 of the Dodd–Frank Wall Street Reform and Consumer Protection Act gave the Consumer Financial Protection Bureau (CFPB) certain regulatory responsibilities for remittance transfers. Specifically, Dodd–Frank amended the Electronic Fund Transfer Act “to create a new comprehensive ‘consumer protection regime’ for remittance transfers sent by consumers in the United States to individuals and businesses in foreign countries.” Combined, these rules impose large costs on financial institutions, many of which have decided to stop offering certain services rather than deal with the additional compliance burden or risk being held liable for criminal activity.
The original goal of the BSA/AML rules was to reduce predicate crimes, such as illegal drug distribution, rather than money laundering itself. Judged by this standard, very little empirical evidence suggests that the rules have worked as designed. In fact, even though BSA/AML rules have been expanded consistently throughout the past four decades, it remains difficult to discern any net benefit of the overall BSA/AML regulatory framework. Even though there is no clear evidence that the rules materially reduce crime, the BSA/AML bureaucracy began relentlessly expanding internationally—primarily through the Financial Action Task Force (FATF)—more than two decades ago.
One comprehensive study reports that even though the FATF proceeds as if these rules have produced only public benefits, “[t]o date there is no substantial effort by any international organization, including the International Monetary Fund, to assess either the costs or benefits of” this regulatory framework. In fact, BSA/AML regulations have been sharply criticized as a costly, ineffective approach to reducing crime. The rules have also been criticized for being overly intrusive and elaborate, and for distorting the classical constructions of criminal law and criminal procedure. The available evidence even suggests that the BSA/AML framework has forced financial firms to report so much information that it has made law enforcement more difficult because the information overload has reduced the reporting regime’s effectiveness at uncovering crime.
The growth in the reporting volume to law enforcement shows where the information overload has taken place. For instance, the annual number of SARs filed in the U.S. was only 52,000 in 1996, and had jumped to 689,414 by 2004. In 2013, U.S. depository institutions (banks) filed almost 1 million SARs, and (separately) MSBs filed nearly 800,000 SARs. In 2014, SAR filings totaled 1.7 million, and 916,709 were filed in the first half of 2015 (a pace of 1.8 million annually).
In 2001, roughly 13 million CTRs were filed with FinCEN. As shown in Table 1, FinCEN reported more than 15 million CTR filings in 2014, a considerably slower growth rate than for SARs. The total volume of BSA/AML filings has reached enormous proportions. For instance, in 2015 the FinCEN director announced that the agency receives “approximately 55,000 electronically filed BSA reports from more than 80,000 financial institutions and 500,000 individual foreign bank account holders each day.”
Aside from any possible benefits in crime reduction, research suggests that compliance costs are high for financial companies, with a disproportionate burden falling on smaller firms. For instance, Federal Reserve researchers report that compliance costs are especially burdensome for smaller banks, where hiring even one additional employee can lower the return on assets by more than 20 basis points. Other research suggests that the increasing compliance burden in the banking industry is at least partly responsible for the trend toward consolidation and the disappearance of smaller banks.
Though it is merely one example, an American Bankers Association (ABA) publication highlights a small bank that reports it has to dedicate more than 15 percent of its employees to compliance-related tasks. An ABA survey also suggests that the cumulative cost associated with compliance has caused banks to offer fewer services and raise fees, thus harming consumers. For example, almost 20 percent of the banks subject to the CFPB’s new remittance rules plan to simply stop providing remittance services, while 42 percent intend to raise fees to cover the additional compliance costs. Aside from these direct costs, banks have likely endured the cost of losing law-abiding customers who do not want to provide personal information, though this cost is difficult to quantify.
There seems to be little attention paid by either FinCEN or Congress to how high these compliance costs have become. Table 2 provides an estimate of these costs. The estimates are primarily based on the Office of Management and Budget (OMB) Office of Information and Regulatory Analysis burden-hour estimates for the information-collection requirements. The hours are then monetized using Bureau of Labor Statistics information about compliance personnel salaries. Using these figures, the total BSA/AML costs are estimated to be between $4.8 billion and $8 billion annually.
It is important to note that this estimate is probably a significant underestimate of the actual burden. For example, the OMB estimates that FinCEN’s “Future Commission Merchants and Introducing Brokers Customer Identification” requirements can be met in two minutes per customer, an assumption which is, at the least, questionable. The OMB makes a similar estimate regarding the Broker-Dealers Customer Identification Program.
Furthermore, other government agencies, notably the Department of Justice and the IRS, expend resources enforcing these laws although, so far as the authors know, these two agencies do not report the costs they incur from enforcing AML laws. Thus, only FinCEN’s budget is included in this Backgrounder’s cost estimates. Furthermore, the cost of funds provided by the U.S. government to international organizations, such as the FATF, is not considered in the estimate. To summarize, the Table 2 cost estimates are only with respect to BSA/AML compliance costs; they do not include costs relating to information reporting for tax purposes, nor do they include compliance costs due to other banking or securities regulations.
Tables 3, 4, and 5 provide data related to money-laundering investigations, indictments, and sentences from the FBI, IRS, and the U.S. Sentencing Commission. These government sources frequently provide inconsistent information about money-laundering crimes, but the overall crime statistics cast serious doubt on the efficiency of the BSA/AML requirements.
The FBI reports a downward trend in money-laundering investigations, from 548 in 2007 to 303 in 2011. (See Table 3.) There were only 37 indictments and 45 convictions in 2011. Using FBI data, those 45 convictions cost society between $107 million and $178 million per conviction, an absurdly low return on the billions in costs incurred by the private sector.
The IRS initiated between 1,300 and 1,600 money-laundering investigations in fiscal years (FYs) 2013, 2014, and 2015. (See Table 4.) In FY 2015, the IRS investigations resulted in 691 people being sentenced. Even making the heroic assumption that all 691 money-laundering sentences reported by the IRS were prosecutions that would not have occurred but for the AML statutes, and using the low end of the estimated costs of the AML regime, these prosecutions have a cost of at least $7 million each.
The U.S. Sentencing Commission reports that 667 money-laundering sentences were handed down in 2015, a decrease from 896 in 2006. (See Table 5.) This figure is slightly less than the 691 reported by the IRS. However, for 2014, the Sentencing Commission shows 885 sentences, compared to the IRS figure of 785. Regardless, these figures are reasonably close to each other and they indicate that the typical number of sentences for AML offenses is fairly low. Another mitigating factor is that many of these AML sentences were in addition to sentences for the underlying, predicate crime.
Separately, in FY 2015, FinCEN issued 12 civil money penalties. Thus, on the surface, these cases seem like a clear misallocation of law enforcement resources. It is difficult to believe that this regulatory framework is the most effective use of scarce law enforcement and private-sector resources. Yet, FinCEN has not been subject to any meaningful cost-benefit analysis, and federal (and international) bureaucracies keep adding additional costs and burdens. It is long past the time to change this approach.
After having increasingly forced financial institutions into a quasi-law-enforcement role for more than four decades, federal agencies should be able to easily point to direct net benefits. The available evidence suggests, however, that the BSA/AML regime has been a highly inefficient law enforcement tool. At the very least, a high degree of skepticism about further expansion of these and similar requirements is in order. Given the billions of dollars spent annually by the private sector on the existing elaborate and costly AML bureaucracy, a serious data-driven cost-benefit analysis of the existing system is warranted. Based on the evidence publicly available, the current regime is unlikely to withstand a rigorous analysis.
Lastly, the International Monetary Fund (IMF) has found that the withdrawal of correspondent banking relationships by Western banks with developing-country banks is having a macro-economically significant adverse impact in much of the developing world, and endangers financial stability. This development limits international trade and access to credit. Financial intermediation is important to financial prosperity and economic development. The IMF staff finds that this development is largely due to the regulatory risk, the risk of enforcement penalties and high compliance costs caused by the AML regulatory regime, and “tax transparency initiatives,” such as FATCA and the FATF’s black list.
The effect that these rules have on emerging financial services technologies—known as FinTech—should also be considered when assessing the cost and benefit of the BSA/AML regulatory framework. One major problem is that financial services firms, entrepreneurs, and even regulators, are still learning how these new technologies can be used. It is clear, however, that BSA/AML rules have contributed to existing firms’ hesitancy to use certain technologies, thus slowing down their implementation. For example, traditional banks have been reluctant to develop the blockchain technologies spawned by Bitcoin, and even to work with blockchain-based companies. In particular, the pseudo-anonymous nature of bitcoin transactions has been a challenge for complying with BSA/AML laws.
Even though bitcoin transactions are completed with an electronic address, they do not include the name or any other direct information about the person sending or receiving bitcoins. Naturally, pseudo-anonymous transactions pose a challenge for complying with know-your-customer laws. Furthermore, the Treasury’s recent request for “Public Input on Expanding Access to Credit Through Online Marketplace Lending” shows that it is clearly contemplating greater regulation of online lenders, a relatively new form of financial intermediary.
Title III of the Jumpstart Our Business Startups (JOBS) Act created an exemption from registration under the Securities Act for equity crowdfunding that allows entrepreneurs to raise capital using the Internet. In addition to broker-dealers, Congress created a more lightly regulated category of intermediary called a “funding portal” on which entrepreneurs may list their offerings. FinCEN has proposed a rule titled “Amendments to the Definition of Broker or Dealer in Securities,” treating these funding portals as broker-dealers for AML purposes, even though they are not broker-dealers. Similar rules were proposed and then rejected by the Securities and Exchange Commission and the Financial Industry Regulatory Authority.
Rejecting such rules is the right approach because funding portals do not handle customer funds. The JOBS Act prohibits funding portals from doing so. However, the banks and broker-dealers that do handle customer funds must comply with BSA/AML rules. Thus, the proposed rules quite literally impose duplicative and overlapping requirements. They require both the financial institution holding customer funds and the funding portal—despite the fact that funding portals cannot hold customer funds—to perform the same function (for AML purposes) with respect to the same customer funds.
It is inappropriate to require funding portals to comply with these rules because the ability of the funding portal to engage in, or facilitate, money laundering does not exist to any meaningful degree, and the costs of complying with these rules are likely so high as to make funding portals uneconomical. Implementing such rules will result in a situation where the only intermediaries are broker-dealers, thus frustrating the intention of Congress to establish a more lightly regulated intermediary class. As with all financial services activities, it is critical that personal and financial privacy and compliance costs remain key concerns as policymakers design new regulations for funding portals and all other FinTech applications.
The principle of federalism potentially complicates these matters because each U.S. state has the ability to create its own set of regulations for FinTech firms. Regarding the state–federal relationship, 31 U.S. Code § 5330 (a)(3) explicitly states that it does not supersede “any requirement of State law relating to money transmitting businesses operating in such State.” Congress should consider the possible benefits of pre-empting state registration requirements for money-transmission businesses because the technological changes of the past few decades ensure that any money transmitter, regardless of the state in which it is domiciled, can easily transfer funds around the entire globe.
The primary goals of international information sharing should be to promote law enforcement, combat terrorism, and prevent and punish fraud in a manner consistent with the principles of a free society. A better means of achieving these goals is to replace the current patchwork of international agreements with a well-considered, integrated international convention that ensures robust information sharing for the purposes of preventing terrorism, crime, and fraud, but also provides enforceable legal protections for the financial and other privacy interests of member states’ citizens and the legitimate commercial interests of their businesses.
Membership in this convention should be restricted to governments that (1) are democratic (representative democracies with legitimate elections and protections for political minorities); (2) respect free markets, private property, and the rule of law; (3) can be expected to always use the information in a manner consistent with the security interests of the member states; and (4) have—in law and in practice—adequate safeguards to prevent the information from being obtained by hostile parties or used for inappropriate commercial, political, or other purposes.
Such an arrangement would facilitate law enforcement and anti-terrorist aims by allowing more information to be exchanged safely and more expeditiously. It would also provide, for the first time, enforceable legal protections for the rights of citizens of the member states. Regardless, the Senate should not ratify the Protocol Amending the Multilateral Convention on Mutual Administrative Assistance in Tax Matters. Doing so would lead to substantially more transnational identity theft, crime, industrial espionage, financial fraud, and the suppression of political opponents and religious or ethnic minorities by authoritarian and corrupt governments. Ratifying the protocol would put Americans’ private financial information at risk, and the risk would be highest for American businesses involved in international commerce.
Financial privacy is a key component of life in a free society, and the U.S. system of government was designed to ensure individuals a private sphere free of government involvement, surveillance, and control. The current U.S. financial regulatory framework has expanded so much that it now threatens this basic element of freedom. For instance, individuals who engage in cash transactions of more than a small amount trigger a general suspicion of criminal activity, and financial institutions of all kinds—including jewelry stores—have to report such transactions. Regulations have imposed an enormous compliance burden on these firms, and the companies have essentially been forced into a quasi-law-enforcement role.
The cost estimates provided in this Backgrounder suggest that the current regulatory framework is unlikely to withstand a rigorous cost-benefit analysis. For instance, the costs of the current U.S. BSA/AML regime are estimated to be between $4.8 billion and $8 billion annually, at least $7 million for each AML conviction. Nonetheless, the BSA/AML framework has expanded for the past few decades without any meaningful cost-benefit analysis of these rules. Since the current framework appears grossly cost-ineffective, Congress should require regulators to develop better information about the costs and benefits of the current regime.
Internationally, the U.S. has signed a treaty and is engaged in further talks that would allow hostile countries access to American citizens’ private financial information. The U.S. should not ratify the Protocol Amending the Multilateral Convention on Mutual Administrative Assistance in Tax Matters. The primary goals of international information sharing should be to promote law enforcement according to the principles of a democratic society, combat terrorism, and prevent and punish crime and fraud. The current patchwork of international agreements fails to accomplish these goals, and the overly complex and burdensome financial regulatory framework has likely impeded efforts to meet these goals. This Backgrounder recommends seven reforms that would better protect individuals’ privacy rights and improve law enforcement’s ability to apprehend and prosecute criminals and terrorists.—David R. Burton is Senior Fellow in Economic Policy, and Norbert J. Michel, PhD, is a Research Fellow in Financial Regulations, in the Thomas A. Roe Institute for Economic Policy Studies, of the Institute for Economic Freedom and Opportunity, at The Heritage Foundation.
CTR figures for 2012–2014 provided directly by the Financial Crimes Enforcement Network;
2014 SAR figures from Financial Crimes Enforcement Network, “SAR Stats Technical Bulletin,” October 2015, p. 2, https://www.fincen.gov/news_room/rp/files/SAR02/SAR_Stats_2_FINAL.pdf (accessed August 8, 2016);
2010–2013 SAR figures from Financial Crimes Enforcement Network, “SAR Stats Technical Bulletin,” July 2014, p. 1, https://www.fincen.gov/news_room/rp/files/SAR01/SAR_Stats_proof_2.pdf (accessed August 8, 2016);
2003–2009 SAR figures from Financial Crimes Enforcement Network, “The SAR Activity Review–by the Numbers,” No. 18, p. 4, https://www.fincen.gov/news_room/rp/files/btn18/sar_by_numb_18.pdf (accessed August 8, 2016);
2002 SAR figures from Financial Crimes Enforcement Network, “The SAR Activity Review–by the Numbers,” No. 17, p. 4, https://www.fincen.gov/news_room/rp/files/btn17/sar_by_numb_17.pdf (accessed August 8, 2016);
2001 SAR figures from Financial Crimes Enforcement Network, “The SAR Activity Review–by the Numbers,” No. 16, p. 4, https://www.fincen.gov/news_room/rp/files/sar_by_numb_16.pdf (accessed August 8, 2016);
2000 SAR figures from Financial Crimes Enforcement Network, “The SAR Activity Review–by the Numbers,” No. 15, p. 4, https://www.fincen.gov/news_room/rp/files/sar_by_numb_15.pdf (accessed August 8, 2016);
2009–2011 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2011,” p. 8, https://www.fincen.gov/news_room/rp/files/annual_report_fy2011.pdf, (accessed August 8, 2016);
2008 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2010,” p. 11, https://www.fincen.gov/news_room/rp/files/annual_report_fy2010.pdf (accessed August 8, 2016);
2007 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2009,” https://www.fincen.gov/news_room/rp/files/YEreport/FY2009/annualreport.html (accessed August 8, 2016);
2006 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2007,” https://www.fincen.gov/news_room/rp/files/YEreport/FY2007/AnnualReportFY2007.html (accessed August 8, 2016);
2004–2005 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2005,” https://www.fincen.gov/news_room/rp/files/YEreport/bsaReporting.html (accessed August 8, 2016);
2003 CTR figures from Financial Crimes Enforcement Network, “Annual Report Fiscal Year 2004,” https://www.fincen.gov/news_room/rp/files/annual_report_fy2004.pdf (accessed August 8, 2016).
Compliance Officers have a mean hourly wage of $33.26: Bureau of Labor Statistics, “Occupational Employment Statistics: May 2015 National Occupational Employment and Wage Estimates United States,” http://www.bls.gov/oes/current/oes_nat.htm#13-0000 (accessed September 9, 2016).
Benefits and employer taxes increase this cost to $47.75 (44 percent): Bureau of Labor Statistics Southwest Information Office, “Employer Costs for Employee Compensation for the Regions—June 2016,” http://www.bls.gov/regions/southwest/news-release/employercostsforemployeecompensation_regions.htm (accessed September 9, 2016). Accounting for the indirect costs (offices, phones, computers, etc.) of employing people (a fully burdened rate) will typically increase the cost at least 30 percent and often much more ($47.75 x 1.3 = $62.08).
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement A, FinCEN Suspicious Activity Report, OMB Control No. 1506-0065, April 19, 2016, http://www.reginfo.gov/public/do/PRAViewDocument?ref_nbr=201604-1506-006 (accessed September 9, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Currency Transaction Report, OMB Control No 1506-0064 , April 21, 2016, http://www.reginfo.gov/public/do/PRAViewDocument?ref_nbr=201604-1506-007 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Customer Due Diligence Requirements for Financial Institutions, OMB Control No. 1506-0070, May 12, 2016, http://www.reginfo.gov/public/do/PRAViewDocument?ref_nbr=201605-1506-001 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Requirement for Information Sharing Between Government Agencies and Financial Institutions, OMB Control No. 1506-0049, May 27, 2016, http://www.reginfo.gov/public/do/PRAViewDocument?ref_nbr=201605-1506-002 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Futures Commission Merchants and Introducing Brokers Customer Identification Program, OMB Control No. 1506-0022, October 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58650502 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Currency and Monetary Instrument Reports, OMB Control No. 1506-0014, September 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58836701 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN AML Program for Dealers in Precious Metals, Precious Stones or Jewels, OMB Control No. 1506-0030, September 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58649101 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Banks, Savings Associations, Credit Unions, and Certain Non-Federally Regulated Banks Customer Identification Program, OMB Control No. 1506-0026, September 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58652001 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Mutual Funds Customer Identification Program, OMB Control No. 1506-0033, September 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58653401 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Broker-dealers Customer Identification Program, OMB Control No. 1506-0034, September 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58836601 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Anti-Money Laundering Programs for Insurance Companies and Non-bank Residential Mortgage Lenders and Originators, OMB Control No. 1506-0035, June 29, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=55362001 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Anti-Money Laundering Programs for Money Services Business, Mutual Funds, Operators of Credit Card Systems, and Providers of Prepaid Access, OMB Control No. 1506-0020, May 26, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=55362801 (accessed August 3, 2016);
Office of Management and Budget, Office of Information and Regulatory Affairs, Supporting Statement, FinCEN Registration of Money Services Business, OMB Control No. 1506-0013, April 23, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=54536801 (accessed August 3, 2016).
For the “AML/KYC Compliance Training, Systems Implementation, Rule Familiarization” cost estimate, according to BLS (May 2015 National Occupational Employment and Wage Estimates), there are 257,000 compliance officers. Assuming that 10 percent to 20 percent of them fulfil the BSA/AML/KYC compliance function, at $62.08/hr., the total cost is $3.2 billion to $6.4 billion (assuming 2,000 hours per year).
FinCEN’s budget figure is taken from Financial Crimes Enforcement Network, “FY 2017 President’s Budget,” February 9, 2016, p. 3, https://www.treasury.gov/about/budget-performance/CJ17/14.%20FinCEN%20FY%202017%20CJ.PDF (accessed September 9, 2016).
2010–2011 figures from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Years 2010–2011, https://www.fbi.gov/stats-services/publications/financial-crimes-report-2010-2011/financial-crimes-report-2010-2011#Asset (accessed August 8, 2016);
2009 figures are from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Year 2009, Asset Forfeiture/Money Laundering, https://www.fbi.gov/stats-services/publications/financial-crimes-report-2009 (accessed August 8, 2016);
2008 figures from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Year 2008, Asset Forfeiture/Money Laundering, https://www.fbi.gov/stats-services/publications/fcs_report2008 (accessed August 8, 2016);
2007 figures from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Year 2007, Asset Forfeiture/Money Laundering, https://www.fbi.gov/stats-services/publications/fcs_report2007 (accessed August 8, 2016);
2006 figures from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Year 2006, Asset Forfeiture/Money Laundering, https://www.fbi.gov/file-repository/stats-services-publications-fcs_report2006-financial-crimes-report-to-the-public-2006-pdf/view (accessed August 8, 2016);
2001–2005 figures from Federal Bureau of Investigation, “Financial Crimes Report to the Public,” Fiscal Year 2005, Asset Forfeiture/Money Laundering, https://www.fbi.gov/file-repository/stats-services-publications-fcs_report2005-financial-crimes-report-to-the-public-2005-pdf/view (accessed August 8, 2016).
2013–2015 figures from Internal Revenue Service, “Statistical Data–Money Laundering & Bank Secrecy Act (BSA),” Fiscal Years 2013–2015, https://www.irs.gov/uac/statistical-data-money-laundering-bank-secrecy-act-bsa (accessed August 8, 2016);
2010–2012 figures from Internal Revenue Service, “Statistical Data–Money Laundering & Bank Secrecy Act (BSA),” Fiscal Years 2010–2012, https://fusiontables.google.com/DataSource?docid=15FZXIMO9OJPVFMtBLrf-3NcWRK8NEC-kt0eGw38#rows:id=1 (accessed August 8, 2016);
2009 figures from Internal Revenue Service, “Statistical Data–Money Laundering & Bank Secrecy Act (BSA),” Fiscal Years 2009–2011, http://assets.complianceexpert.com/fileserver/file/6440/filename/Graph.pdf (accessed August 8, 2016).
Each figure is taken from the respective final report for each year:
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2015, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC-2015_Quarterly_Report_Final.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2014, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC-2014_Quarterly_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2013, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2013_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2012, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2012_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2011, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2011_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2010, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2010_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2009, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2009_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2008, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2008_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2007, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2007_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Final Quarterly Data Report,” Fiscal Year 2006, p. 41, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/ quarterly-sentencing-updates/USSC_2006_Quarter_Report_Final.pdf (accessed August 9, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2005, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2005/table3_0.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2004, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2004/table3_0.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2003, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2003/table3_0.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2002, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2002/table3_0.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2001, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2001/table3_0.pdf (accessed August 8, 2016);
United States Sentencing Commission, “Sourcebook of Federal Sentencing Statistics,” Guideline Offenders in Each Primary Offense Category, Fiscal Year 2000, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/annual-reports-and-sourcebooks/2000/table-3_0.pdf (accessed August 8, 2016).
 See, for example, Terry v. Ohio, 392 U.S. 1, 21 (1968). (“And, in justifying the particular intrusion, the police officer must be able to point to specific and articulable facts which, taken together with rational inferences from those facts, reasonably warrant that intrusion.”)
 There are surely other ways to measure cost-effectiveness, but the authors calculated this estimate because so few others have published cost estimates for the AML framework.
 More than 100 FIUs make up the Egmont Group, an international entity focused on information sharing and cooperation among FIUs. In general, FIUs are national agencies responsible for requesting, receiving, analyzing, and disseminating disclosures of financial information to the requisite authorities. U.S. Department of the Treasury FinCEN, “The Egmont Group of Financial Intelligence Units,” https://www.fincen.gov/international/egmont/ (accessed August 24, 2016).
 Organization for Economic Co-operation and Development, “Jurisdictions Participating in the Convention on Mutual Administrative Assistance in Tax Matters, Status, 22 August 2016,” http://www.oecd.org/tax/exchange-of-tax-information/Status_of_convention.pdf (accessed August 24, 2016).
 Internal Revenue Service, “United States Income Tax Treaties–A to Z,” https://www.irs.gov/businesses/international-businesses/united-states-income-tax-treaties-a-to-z (accessed August 24, 2016).
 Internal Revenue Code §§1471–1474, and IRS, “FATCA–Regulations and Other Guidance,” https://www.irs.gov/businesses/corporations/fatca-regulations-and-other-guidance (accessed August 24, 2016).
 26 CFR 1.1441-1; Internal Revenue Service Rev. Proc. 2014-39.
 Information Sharing Environment, “Annual Report to the Congress,” September 2015, https://www.ise.gov/sites/default/files/FINAL_ISE_Annual_Report_2015_FOR_WEB_0.pdf (accessed August 24, 2016).
 Federal Bureau of Investigation, “FBI Information Sharing & Safeguarding Report,” 2012, https://www.fbi.gov/stats-services/publications/national-information-sharing-strategy-1/fbi-information-sharing-and-safeguarding-report-2012 (accessed August 24, 2016), and Information Sharing Environment, “Law Enforcement Information Sharing,” https://www.ise.gov/law-enforcement-information-sharing (accessed August 24, 2016).
 Interpol, “Data Exchange,” http://www.interpol.int/INTERPOL-expertise/Data-exchange (accessed August 24, 2016).
 Virginia Declaration of Rights, June 12, 1776, Section 1 (“That all men are by nature equally free and independent and have certain inherent rights, of which, when they enter into a state of society, they cannot, by any compact, deprive or divest their posterity; namely, the enjoyment of life and liberty, with the means of acquiring and possessing property, and pursuing and obtaining happiness and safety.”); U.S. Declaration of Independence, July 4, 1776 (“We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness; That to secure these rights, Governments are instituted among Men.”); U.S. Constitution, 5th Amendment (“No person shall be...deprived of life, liberty, or property, without due process of law.”); 14th Amendment (“[N]or shall any state deprive any person of life, liberty, or property, without due process of law.).” See also, John Locke, Two Treatises of Government, Second Treatise (1690) (“Man…hath by nature a power, not only to preserve his property, that is, his life, liberty and estate, against the injuries and attempts of other men.”)
 Theodore R. Bromund, “Putin’s Long Arm: How Russia Uses Interpol to Harass Opponents,” The Weekly Standard, March 2, 2015, http://www.weeklystandard.com/putin-s-long-arm/article/859638?page=1 (accessed August 26, 2016); Theodore R. Bromund and David B. Kopel, “Necessary Reforms Can Keep Interpol Working in the U.S. Interest,” Heritage Foundation Backgrounder No. 2861, December 11, 2013, http://www.heritage.org/research/reports/2013/12/necessary-reforms-can-keep-interpol-working-in-the-us-interest; and Herta Däubler-Gmelin, “How Rogue Regimes Have Weaponized Interpol,” The Wall Street Journal, June 28, 2016, http://www.wsj.com/articles/how-rogue-regimes-have-weaponized-interpol-1467151465 (accessed August 24, 2016).
 Tax evasion is not a crime in many liberal democratic states where, instead, it is treated as a civil violation.
 Tingting Liu et al., “The Dark Side of Disclosure: Evidence of Government Expropriation from Worldwide Firms,” World Bank Policy Research Working Paper No. 7254, May 4, 2015, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2602586 (accessed August 24, 2016) (“[T]he Chinese government is tied to the wide-ranging effort to steal trade secrets.”); Devlin Barrett, “U.S. Plans to Use Spy Law to Battle Corporate Espionage: Sees Big Chinese Hand in Surge in Attempted Trade-Secret Theft,” The Wall Street Journal, July 23, 2015, http://www.wsj.com/articles/u-s-plans-to-use-spy-law-to-battle-corporate-espionage-1437688169 (accessed August 24, 2016); news release, “U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage,” U.S. Department of Justice, May 19, 2014, http://www.justice.gov/opa/pr/us-charges-five-chinese-military-hackers-cyber-espionage-against-us-corporations-and-labor (accessed August 24, 2016); and Cory Bennett, “Russia’s Cyberattacks Grow More Brazen,” The Hill, April 12, 2015, http://thehill.com/policy/cybersecurity/238518-russias-cyberattacks-grow-more-brazen (accessed August 24, 2016).
 Currently, the OECD Base Erosion and Profit Shifting Project Action Item 12 raises serious commercial privacy issues. See OECD, “Transfer Pricing Documentation and Country-by-Country Reporting, Action 13–2015 Final Report,” October 5, 2015, https://www.oecd.org/ctp/transfer-pricing-documentation-and-country-by-country-reporting-action-13-2015-final-report-9789264241480-en.htm (accessed August 24, 2016).
 Daniel J. Mitchell, “A Tax Competition Primer: Why Tax Harmonization and Information Exchange Undermine America’s Competitive Advantage in the Global Economy,” Heritage Foundation Backgrounder No. 1460, July 20, 2001, http://www.heritage.org/research/reports/2001/07/a-tax-competition-primer, and Chris Edwards and Daniel J. Mitchell, Global Tax Revolution: The Rise of Tax Competition and the Battle to Defend It (Washington, DC: Cato Institute, 2008).
 Internal Revenue Code §6103(k)(4). (“A return or return information may be disclosed to a competent authority of a foreign government which has an income tax or gift and estate tax convention, or other convention or bilateral agreement relating to the exchange of tax information, with the United States but only to the extent provided in, and subject to the terms and conditions of, such convention or bilateral agreement.”)
 U.S. Department of Treasury, “Resource Center: Treaties and TIEAs,” https://www.treasury.gov/resource-center/tax-policy/treaties/Pages/treaties.aspx (accessed August 24, 2016).
 The U.S. ratified the convention on January 30, 1991. For the original, un-amended text, see OECD, Convention on Mutual Administrative Assistance in Tax Matters, http://www.oecd.org/ctp/exchange-of-tax-information/conventiononmutualadministrativeassistanceintaxmatters.htm (accessed August 29, 2016). This is the version of the convention to which the U.S. is a party.
 Ibid. See also OECD, “Keeping It Safe,” July 23, 2012, http://www.oecd.org/ctp/exchange-of-tax-information/keeping-it-safe-report.pdf (accessed August 24, 2016).
 The U.S. has entered bilateral agreements with many countries. For a complete international list of tax-information-exchange agreements, see OECD, “Tax Information Exchange Agreements (TIEAs),” http://www.oecd.org/tax/exchange-of-tax-information/taxinformationexchangeagreementstieas.htm (accessed August 24, 2016).
 OECD, “Agreement on Exchange of Information on Tax Matters,” http://www.oecd.org/ctp/harmful/2082215.pdf (accessed August 24, 2016). See, especially, paragraph 39 of the commentary which, referring to paragraph 1 of Article 5 of the model agreement, states: “The paragraph makes clear that the Agreement only covers exchange of information upon request (i.e., when the information requested relates to a particular examination, inquiry or investigation) and does not cover automatic or spontaneous exchange of information. However, Contracting Parties may wish to consider expanding their co-operation in matters of information exchange for tax purposes by covering automatic and spontaneous exchanges and simultaneous tax examinations.”
 David R. Burton, “Two Little Known Tax Treaties Will Lead to Substantially More Identity Theft, Crime, Industrial Espionage, and Suppression of Political Dissidents,” Heritage Foundation Backgrounder No. 3087, December 21, 2015, http://www.heritage.org/research/reports/2015/12/two-little-known-tax-treaties-will-lead-to-substantially-more-identity-theft-crime-industrial-espionage-and-suppression-of-political-dissidents.
 OECD, “Standard for Automatic Exchange of Financial Account Information in Tax Matters,” July 21, 2014, http://www.oecd.org/ctp/exchange-of-tax-information/standard-for-automatic-exchange-of-financial-information-in-tax-matters.htm (accessed August 24, 2016), and OECD, “Standard for Automatic Exchange of Financial Account Information: Common Reporting Standard,” https://www.oecd.org/ctp/exchange-of-tax-information/automatic-exchange-financial-account-information-common-reporting-standard.pdf (accessed August 26, 2016).
 In principle, the shared information can only be used for tax purposes. But the idea that the tax authorities in China, Russia, and other countries will not share the information with their intelligence services and state-owned or politically favored private businesses is extraordinarily naive. It is also naive to think that the U.S. government could detect this intragovernmental transfer of data between foreign government agencies or ensure that it does not take place.
 31 U.S. Code §5311, et seq., and 31 CFR Chapter X. Separately, Title X of the Dodd–Frank Act created the Consumer Financial Protection Bureau (CFPB) and gave the CFPB certain regulatory responsibilities for remittance transfers. The CFPB is an independent federal agency whose regulatory standards are neither defined nor fixed, and thus arbitrary. The CFPB is imbued with unparalleled powers over virtually every consumer financial product and service, and it could easily create rules that extend the AML regime under the pretense of protecting consumers. See Diane Katz, “Title X and the Consumer Financial Protection Bureau: Limiting Americans’ Credit Choices,” in Norbert J. Michel, ed., The Case Against Dodd–Frank: How the “Consumer Protection” Law Endangers Americans (Washington, DC: The Heritage Foundation, 2016), http://thf-reports.s3.amazonaws.com/2016/The%20Case%20Against%20Dodd-Frank.pdf, and Alden F. Abbott, “Time to Eliminate the Consumer Financial Protection Bureau,” Heritage Foundation Legal Memorandum No. 172, February 8, 2016, http://www.heritage.org/research/reports/2016/02/time-to-eliminate-the-consumer-financial-protection-bureau.
 The code also defines a financial institution as “any other business designated by the [Treasury] Secretary whose cash transactions have a high degree of usefulness in criminal, tax, or regulatory matters.” See 31 U.S. Code § 5312(a)(2)(z).
 18 U.S. Code § 1960.
 31 U.S. Code § 5330.
 Internal Revenue Code §6041, et seq.
 Michael Levi and Peter Reuter, “Money Laundering,” in Crime and Justice: A Review of Research, Vol. 34, ed. by M. Tony (Chicago: University of Chicago Press, 2006), pp. 289–375.
 Ibid., p. 296. The Money Laundering Control Act extended certain provisions of the BSA to banks of all charters by amending the Federal Deposit Insurance Act (FDIA) and the Federal Credit Union Act (FCUA). The Money Laundering Control Act added the following sections to the U.S. Code: 12 U.S. Code 1818(s); 12 U.S. Code 1829(b); and 12 U.S. Code 1786(q).
 These rules are commonly referred to as “know your customer rules,” but formally referred to by FinCEN as customer due-diligence requirements. These requirements are generally viewed as part of financial institutions’ AML programs. The BSA authorizes FinCEN to impose AML requirements on financial institutions. See FinCEN, “Customer Due Diligence Requirements for Financial Institutions,” Final Rule, Federal Register, Vol. 81, No. 91 (May 11, 2016), pp. 29398–29458, https://www.gpo.gov/fdsys/pkg/FR-2016-05-11/pdf/2016-10567.pdf (accessed August 30, 2016).
 Internal Revenue Code § 6050I; 31 U.S. Code § 5313; and 31 CFR Part 1010, Subpart C.
 See Federal Financial Institutions Examination Council, “Bank Secrecy Act Anti-Money Laundering Examination Manual: Currency Transaction Reporting—Overview,” https://www.ffiec.gov/bsa_aml_infobase/pages_manual/OLM_017.htm (accessed August 24, 2016). Several prominent academics have begun advocating the total abolition of paper currency (cash) in the name of (among other things) reducing criminal activity, so that people can only transact electronically. See Norbert J. Michel, “The Fallacy of Banning Cash,” Cayman Financial Review, August 2, 2016, http://www.caymanfinancialreview.com/2016/08/02/the-fallacy-of-banning-cash/?utm_content=buffer29f28&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer (accessed August 26, 2016).
 FinCEN, “Notice to Customers: A CTR Reference Guide,” https://www.fincen.gov/whatsnew/pdf/CTRPamphletBW.pdf (accessed August 25, 2016).
 News release, “FinCEN Targets Money Laundering Infrastructure with Geographic Targeting Order in Miami,” FinCEN, April 21, 2015, http://www.fincen.gov/news_room/nr/html/20150421.html (accessed August 25, 2016). Also see American Gaming Association, “Best Practices for Anti-Money Laundering Compliance,” December 2014, https://www.americangaming.org/sites/default/files/research_files/aga-best-practices-re-aml-compliance-122014.pdf (accessed August 25, 2016).
 The SAR thresholds for banks, casinos, and money-service businesses are found at 31 CFR 1020.320, 31 CFR 1021.320, and 31 CFR 1022.320, respectively.
 Federal law also requires special records, such as multiple currency transaction logs, to be maintained by casinos. See 31 CFR 1021.410.
 Money-service businesses, including check cashers and providers of prepaid access cards, are defined at 31 CFR 1010.100(ff).
 The $3,000 MSB requirement applies to all forms of payment. See FinCEN, “Bank Secrecy Act Requirements: A Quick Reference Guide for Money Services Businesses,” https://www.fincen.gov/financial_institutions/msb/materials/en/bank_reference.html (accessed August 25, 2016).
 The council is a formal interagency body composed mostly of federal banking regulators. See Federal Financial Institutions Examination Council, “Bank Secrecy Act/Anti-Money Laundering Examination Manual,” 2014, https://www.ffiec.gov/bsa_aml_infobase/documents/BSA_AML_Man_2014_v2.pdf (accessed August 25, 2016).
 Federal Financial Institutions Examination Council, “Bank Secrecy Act/Anti-Money Laundering Examination Manual,” pp. 47–55 and 56–59, respectively.
 Ibid., p. 47. Also See 12 CFR 208.63–Procedures for Monitoring Bank Secrecy Act Compliance.
 Federal Financial Institutions Examination Council, “Bank Secrecy Act/Anti-Money Laundering Examination Manual,” p. 47.
 Ibid., p. 56.
 Consumer Financial Protection Bureau, “Electronic Fund Transfers (Regulation E),” Final Rule, 12 CFR Part 1005, 2013, http://files.consumerfinance.gov/f/201304_cfpb_final-rule_remittance-transfers.pdf (accessed August 25, 2016).
 Ibid., pp. 3–4.
 See, for example, Masha Gessen, “Banking While Russian,” The New York Times, February 11, 2014, http://mobile.nytimes.com/2014/02/12/opinion/gessen-the-checks-in-the-mail.html (accessed August 25, 2016). Also see Manuel Orozco, Laura Porras, and Julia Yansura, “Bank Account Closures: Current Trends and Implications for Family Remittances,” Inter-American Dialogue, December 2015, http://www.thedialogue.org/wp-content/uploads/2015/12/AccountClosures_final_12.22.15.pdf (accessed August 25, 2016).
 One comprehensive study points out that the U.S. General Accounting Office (GAO; now the Government Accountability Office) made several unsuccessful attempts to study the effectiveness of SAR filings in terms of prosecutions and convictions. According to the GAO, as of 2002, FinCEN was unable to report whether any of its SAR-based referrals resulted in criminal prosecutions, meaning that researchers may never reach a definitive conclusion on the first three decades of the BSA/AML framework. See Levi and Reuter, “Money Laundering,” p. 342.
 One difficulty is that drug prosecutions often involve simultaneously charging perpetrators with money-laundering violations, thus making it difficult to tell whether law enforcement discovered a drug crime because of money laundering or vice versa. Furthermore, estimates of the total revenue from illegal drug trafficking in the U.S. vary so widely that “a decline of even 25 percent in a five-year period would be hard to detect with confidence.” Such uncertain estimates complicate estimating any causal relationships. Levi and Reuter, “Money Laundering,” p. 357.
 The FATF is an inter-governmental body established in 1989 at a G-7 summit in Paris. It originally consisted of the G-7 member states, the European Commission, and eight other countries, but it now has 37 members. See Financial Action Task Force, “History of the FATF,” http://www.fatf-gafi.org/about/historyofthefatf/ (accessed August 25, 2016). Also see Jason Sharman, “A Look at 20 Years of Anti-Money Laundering: Does the System Work,” IFC Review, January 10, 2011, http://www.ifcreview.com/restricted.aspx?articleId=3573 (accessed August 25, 2016).
 Terence C. Halliday, Michael Levi, and Peter Reuter, “Global Surveillance of Dirty Money: Assessing Assessments of Regimes to Control Money-Laundering and Combat the Financing of Terrorism,” Center on Law and Globalization, January 30, 2014, p. 7, http://www.lexglobal.org/files/Report_Global%20Surveillance%20of%20Dirty%20Money%201.30.2014.pdf (accessed August 25, 2016).
 Mariano-Florentino Cuellar, “The Tenuous Relationship Between the Fight Against Money Laundering and the Disruption of Criminal Finance,” Journal of Criminal Law and Criminology, Vol. 93, No. 2 (2003), pp. 312–466, http://scholarlycommons.law.northwestern.edu/cgi/viewcontent.cgi?article=7123&context=jclc (accessed August 25, 2016). Cuellar argues that the framework displays (among other problems) a “disproportionate imposition of severe penalties on predicate offenders who are easily detected.” In other words, AML charges tend to be simply added to the main offense rather than providing any independent benefit.
 Tom Naylor, Wages of Crime (Ithaca, NY: Cornell University Press, 2002), and Peter Alldridge, Money Laundering Law: Forfeiture, Confiscation, Civil Recovery, Criminal Laundering and Taxation of the Proceeds of Crime (Portland, OR: Hart Publishing Co., 2003).
 Levi and Reuter, “Money Laundering,” p. 340.
 American Bankers Association, “An Avalanche of Regulation,” 2014, p. 2, http://www.aba.com/Issues/Index/Documents/2014RegBurdenInfographic.pdf (accessed August 24, 2016), and Financial Crimes Enforcement Network, “Money Services Businesses,” in SAR Stats Technical Bulletin, No. 2, October 2015, https://www.fincen.gov/news_room/rp/files/SAR02/SAR_Stats_2_FINAL.pdf (accessed August 25, 2016).
 Levi and Reuter, “Money Laundering,” p. 340.
 Jennifer Shasky Calvery, FinCEN director, speech at the FSSCC–FBIIC Joint Meeting, New York, December 9, 2015, p. 2, https://www.fincen.gov/news_room/testimony/pdf/20151209.pdf (accessed August 25, 2016).
 In the wake of the 2008 crisis, some policymakers claimed that a benefit of BSA/AML compliance is financial stability in the banking sector, but this link is even weaker than the one between BSA/AML laws and crime reduction. For instance, one recently published scholarly article that blames the 2008 financial crisis partly on a lack of compliance with these rules simultaneously admits that “there is no clear evidence that full compliance from banks and other financial institutions with KYC principles would have averted, relieved, or even reduced the impact of the financial crisis of 2007 to 2009.” Genci Bilali, “Know Your Customer—or Not,” University of Toledo Law Review, Vol. 43, No. 2 (Winter 2012), p. 320.
 According to Federal Reserve research, this figure, which represents 0.20 percent, references banks with $50 million or less in assets. The research also suggests that an increase in cost of this size could cause more than 10 percent of these banks to switch from profitable to unprofitable. See remarks of Federal Reserve Governor Elizabeth A. Duke, “The Future of Community Banking,” delivered at the Southeastern Bank Management and Directors Conference, University of Georgia, Terry College of Business, February 5, 2013, http://www.federalreserve.gov/newsevents/speech/duke20130205a.htm (accessed August 25, 2016).
 Marshall Lux and Robert Greene, “The State and Fate of Community Banking,” Harvard Kennedy School M-RCBG Associate Working Paper No. 37, 2015, https://www.hks.harvard.edu/centers/mrcbg/publications/awp/awp37 (accessed August 25, 2016).
 American Bankers Association, “An Avalanche of Regulation,” p. 3.
 Office of Management and Budget, Office of Information and Regulatory Affairs, “Supporting Statement, Futures Commission Merchants and Introducing Brokers Customer Identification Program,” OMB Control Number 1506-0022, October 30, 2015, http://www.reginfo.gov/public/do/DownloadDocument?objectID=58650502 (accessed August 25, 2016).
 The costs would include the costs of FBI or IRS investigations, the costs of U.S. attorneys or other Justice Department attorneys prosecuting the violation, and the costs of training these investigators and attorneys plus the costs of incarcerating the convicted individuals.
 Filing tax information returns (as opposed to ordinary tax returns) cost taxpayers about $7 billion annually, based on OMB burden-hour estimates. See Scott A. Hodge, “The Compliance Costs of IRS Regulations,” Tax Foundation Fiscal Fact No. 512, June, 2016 http://taxfoundation.org/sites/taxfoundation.org/files/docs/TaxFoundation_FF512.pdf (accessed August 25, 2016).
 Total costs from Table 2 of $4,813–$8,013 million divided by 45 convictions.
 Internal Revenue Service, “Statistical Data–Money Laundering & Bank Secrecy Act (BSA),” October 2015, https://www.irs.gov/uac/statistical-data-money-laundering-bank-secrecy-act-bsa (accessed August 25, 2016).
 $4,813 million / 691 convictions = $7 million per prosecution. $4.8 billion is the lower bound of our cost estimate and 691 is the largest number of convictions reported.
 U.S. Sentencing Commission, “Final Quarterly Data Report,” 2015, p. 8, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/quarterly-sentencing-updates/USSC-2015_Quarterly_Report_Final.pdf (accessed August 25, 2016), and U.S. Sentencing Commission, “Final Quarterly Data Report,” 2006, p. 8, http://www.ussc.gov/sites/default/files/pdf/research-and-publications/federal-sentencing-statistics/quarterly-sentencing-updates/USSC_2006_Quarter_Report_Final.pdf (accessed August 25, 2016).
 Financial Crimes Enforcement Network, “FY 2017 President’s Budget,” February 9, 2016, p. 4, https://www.treasury.gov/about/budget-performance/CJ17/14.%20FinCEN%20FY%202017%20CJ.PDF (accessed August 25, 2016).
 Halliday, Levi, and Reuter, “Global Surveillance of Dirty Money.”
 FinCEN’s FY 2016 budget was $113 million. The Internal Revenue Service, Department of Justice, and other government resources devoted to AML activities are not known to the authors. In addition, the U.S. provides a large share of the funding for various international organizations, such as the FATF. Comprehensive private compliance-cost estimates are measured in the billions.
 David R. Burton and Norbert J. Michel, “Financial Institutions: Necessary for Prosperity,” Heritage Foundation Backgrounder No. 3108, April 14, 2016, http://www.heritage.org/research/reports/2016/04/financial-institutions-necessary-for-prosperity.
 Michaela Erbenová et al., “The Withdrawal of Correspondent Banking Relationships: A Case for Policy Action,” International Monetary Fund, June 2016, https://www.imf.org/external/pubs/ft/sdn/2016/sdn1606.pdf (accessed September 1, 2016). U.S. regulators take a different view. See Emily Glazer and Aruna Viswanatha, “U.S. Defends Its Curbs on Money Laundering,” The Wall Street Journal, August 30, 2016, http://www.wsj.com/articles/u-s-banking-regulators-seek-to-dispel-certain-myths-on-anti-money-laundering-rules-1472583839 (accessed August 30, 2016).
 Lost economic activity from regulation of emerging technologies is especially difficult to estimate.
 Bitcoin was the original blockchain-based innovation. See Gerald Dwyer and Norbert J. Michel, “Bits and Pieces: The Digital World of Bitcoin Currency,” Heritage Foundation Backgrounder No. 3047, September 16, 2015, http://www.heritage.org/research/reports/2015/09/bits-and-pieces-the-digital-world-of-bitcoin-currency.
 Current policy ensures—for now, at least—that federal regulators will not treat individuals who transfer bitcoins to each other as money transmitters. FinCEN’s official guidance states: “A person that creates units of…virtual currency and uses it to purchase real or virtual goods and services is a user of…virtual currency and not subject to regulation as a money transmitter.” For the most part, FinCEN guidance and a Treasury/FinCEN Final Rule have updated federal regulations for money-service business (MSBs) to allow digital currency transfers without additional burdens. See FinCEN, “Guidance: Application of FinCEN’s Regulations to Persons Administering, Exchanging, or Using Virtual Currencies,” March 18, 2013, http://www.fincen.gov/statutes_regs/guidance/html/FIN-2013-G001.html (accessed August 25, 2016), and “Bank Secrecy Act Regulations; Definitions and Other Regulations Relating to Money Services Businesses,” Federal Register, Vol. 76, No. 140 (July 21, 2011), p. 43585, http://www.gpo.gov/fdsys/pkg/FR-2011-07-21/pdf/2011-18309.pdf (accessed August 25, 2016), amending 31 CFR Parts 1010, 1021, and 1022.
 Bitcoin transactions are not anonymous, but they are referred to as pseudo-anonymous. That is, the transaction does not provide a user with complete anonymity. The name or any other direct information about a person sending or receiving bitcoins is not included in the transaction, but such information can (typically) be linked to the transaction. See Dwyer and Michel, “Bits and Pieces: The Digital World of Bitcoin Currency.”
 Department of the Treasury, “Public Input on Expanding Access to Credit Through Online Marketplace Lending,” Billing Code 4810-25-P, July 17, 2015, https://www.treasury.gov/connect/blog/Documents/RFI%20Online%20Marketplace%20Lending.pdf (accessed August 25, 2016).
 Title III, The Jumpstart Our Business Startups Act, Public Law 112–106, April 5, 2012.
 FinCEN, “Amendments to the Definition of Broker or Dealer in Securities,” Federal Register, Vol. 81, No. 64 (April 4, 2016), pp. 19086–19094.
 Securities and Exchange Commission, Proposed Rule, “Crowdfunding,” Federal Register, Vol. 78, No. 214, November 5, 2013, release nos. 33-9470 and 34-70741, file no. S7-09-13, p. 66428, and Financial Industry Regulatory Authority “FINRA Requests Comment on Proposed Funding Portal Rules and Related Forms,” Regulatory Notice 13-34, October 2013.
 Securities Act §4(b)(2)(B).
 David R. Burton, “Thinking Anew About Information Exchange and Reporting,” Cayman Financial Review, January 15, 2014, http://www.caymanfinancialreview.com/2014/01/15/thinking-anew-about-information-exchange-and-reporting/ (accessed August 25, 2016). For the text of one such proposed convention, see Task Force on Information Exchange and Financial Privacy, “Report on Financial Privacy, Law Enforcement and Terrorism,” including the “Convention on Privacy and Information Exchange,” May 1, 2002, p. 48, http://iret.org/pub/Final_ReportR15small_forIRET1.doc (accessed August 25, 2016).
 The United States government should invite governments that meet these criteria to sign the convention, and the convention should provide that participation may be expanded only upon unanimous consent that a prospective candidate meets the criteria. Obvious candidates for inclusion would be EU allies without major corruption problems, Australia, Canada, Japan, New Zealand, South Korea, and Switzerland. For a list of countries with corruption problems, see 2016 Index of Economic Freedom, “Freedom from Corruption” (third column from the left), (Washington, DC: The Heritage Foundation, 2016), http://www.heritage.org/index/explore. Bulgaria, Greece, Romania, and Turkey, for example, are NATO members but have corruption problems. Turkey rates only a 45 Index score (of 100) and Bulgaria, Greece, and Romania rate only a 43. The U.S., in contrast, rates a 74, the U.K. rates a 78, and Denmark a 92.
 Burton, “Two Little Known Tax Treaties Will Lead to Substantially More Identity Theft, Crime, Industrial Espionage, and Suppression of Political Dissidents.”