Using the FinCEN Information Request List -- ChoicePoint/Bridger

The FinCEN list is pursuant to Title III of the Patriot Act, Section 314. Please read this section and all of its subsections, (a), (b), (c) and (d). This list is intended to assist you in reporting to the federal government the activities, locations, business dealings etc. of those listed who are potentially related to terrorism actions/groups/individuals and/or narcotics. It is intended for information sharing between you, your regulatory authorities and law enforcement.

In order to ensure you do not violate FCRA issues along with several other pieces of legislation, you must not perform any action beyond reporting to FinCEN unless otherwise guided by your regulator, counsel or law enforcement. A match on the FinCEN list is to be handled in a completely separate manner than that of an OFAC match against the SDN list.

You are advised to review the following FinCEN information links to learn more about the re-enactment of the list, how to obtain safe harbor protection if you wish to share the list with another non-related financial institution, etc. For information, go to: http://www.fincen.gov.

You are encouraged to pay special attention to maintaining the confidentiality of the list and how it is dispersed within your institution.

What do I do with this List?

Financial institutions that were contacted by FinCEN and provided an information request are required to scan their client information data base against the list. Please carefully read the instructions that accompanied your request from FinCEN. If you did not receive a request and you are aware of another institution being provided a list, you are not required to scan against that financial institution's list. Not every financial institution was sent a list the week of February 18, 2003.

If you received the list from FinCEN you are required to scan and report any true hits from the list. If you did not receive it directly from FinCEN or from a branch of your institution you can verify with FinCEN to confirm your required use.

How should I scan my institution's data against my FinCEN list?

The lists are provided by FinCEN in a table within a Word document. This format was selected because it was determined that this would be the easiest format for the greatest number of financial institutions involved. As a result, you may not be able to perform a full import to your software (if you use a software program). One recommendation is that you manually enter the names into a module in your software, if available, that will allow you to scan the names on the list against your client information database. After this entry, you will have a custom data list to scan against.

What do I do if I find a match?

If you find a match after scanning against the list and you determine it is not a false positive, there is no action required of you other than reporting the match to FinCEN. Please refer to their instructions as to how to report this information. These lists are unrelated to the OFAC and other government data files provided by software vendors.

Are there best practices information about how I should be set up to use this list?

The following list will get you started:

• Verify that you received the list directly from FinCEN- if so, you must scan with it. If you received it from a non-related third party, verify with FinCEN or your regulator that you are required to use the list, as you may not be required to do so.
• Again, read through completely the set of instructions FinCEN provided with your list.
• Follow up with a match against the list pursuant to the documentation and FAQ that was sent you in conjunction with the list from FinCEN.
• You are required to report a true hit, per the instructions. Remember, there is no action required of you other than reporting the match to FinCEN. This list and your response to hits are unrelated to the OFAC list. Again, please refer to the documentation and FAQ that you received from FinCEN.
• If you have questions on the system, process, etc. please contact your primary regulator. Additionally, you can contact the FinCEN Regulatory Help Line at: 800-949-2732.
• Financial Institutions will need to set up a relationship with FinCEN if they decide to share the list with other non-related financial institutions to get safe harbor protection, and they can do so at: http://www.fincen.gov/fi_infoappb.html(this relates to 314 (b) )
• Check the FinCEN web site educational pages regularly as this source will provide you with up to date information regarding Section 314 and the list.
• Develop a short policy and procedure document for your institution covering

1. How to use the FinCEN list (to be included with your Patriot Act compliance policies and procedures for your Customer Information Program (CIP);
2. How to manage updates to the list;
3. How to scan with client data;
4. How employees are to report matches to the main compliance officer;
5. How to report to FinCEN; and
6. How you will maintain records of your compliance and matches (it isrecommended you be prepared to do so for 5 years.)

Financial institutions should refer questions about the list to their primary regulator or to FinCEN's Regulatory Help Line 800-949-2732.