FinCEN Issues Advisory and FAQs on Cyber-Events and Cyber-Enabled Crime (10/27)

On October 25, 2016 FinCEN issued an advisory and FAQs to financial institutions regarding their Suspicious Activity Report (SAR) obligations with respect to cyber-events, cyber-enabled crime, and cyber-related information as those terms are defined. The FAQs supersede previous FAQs issued in 2001. The advisory and FAQ also discuss collaboration between in-house BSA/AML teams (e.g., noting that the BSA/AML teams need not have personnel devoted to cybersecurity) and also encourage sharing cyber threat information with other financial institutions under Section 314(b) of the Patriot Act, which extends a safe harbor from liability to financial institutions. The advisory and FAQ follow other efforts to encourage such sharing, such as the passage of the Cybersecurity Sharing Act passed in December 2015.