Financial privacy in the United States has been eroding for over 50 years. Much of this encroachment on the rights of Americans has been hidden in the weeds of old and complex policies. The issue was brought to the forefront of public discourse with two key events: the attempt in Congress in late 2021 to reduce Internal Revenue Service (IRS) bank reporting thresholds on customers to $600 and the use of the Emergencies Act in Canada in early 2022 to freeze the bank accounts of political protestors.1 With those two events, Americans saw not only that the U.S. government was willing to violate their financial privacy on an unprecedented level in the pursuit of greater tax revenue but also that the government in Canada—a nation that ranks even higher than the United States on the Cato Institute’s Human Freedom Index2—was willing to weaponize the financial system against its citizens to suppress unrest. While the latter event was north of the U.S. border, the same principles that made that attack on financial freedom possible are also engrained in U.S. law. In fact, it was less than a decade ago that the U.S. government pressured banks—in a project known as Operation Chokepoint—to deny financial services to politically disfavored businesses.3

Congress could, however, turn the tide and restore financial privacy in the United States. Congress could establish stronger financial privacy protections by eliminating many Bank Secrecy Act reporting requirements, enacting inflation-adjusted reporting thresholds for remaining requirements as well as the Internal Revenue Code, eliminating the exceptions in the Right to Financial Privacy Act, and establishing better public oversight for the Financial Crime Enforcement Network (FinCEN).

The Problem

The enactment of the Bank Secrecy Act in 1970 was met almost immediately with objections from groups concerned about violations of financial privacy.4 By forcing banks and other financial institutions to record and report the financial activity of Americans, the Bank Secrecy Act essentially deputized financial institutions as law enforcement investigators. Less than a decade later, Congress enacted the Right to Financial Privacy Act in response to complaints against the regime. Yet critically, while some progress was made, the Right to Financial Privacy Act was crafted with a list of exemptions that superficially exclude its protections in many situations.

Since then, the Bank Secrecy Act has been officially expanded numerous times as part of both the war on terror and the war on drugs. In addition to being required to file currency transaction reports (CTRs) whenever a customer makes a transaction over $10,000, financial institutions must file suspicious activity reports (SARs) anytime a customer’s activity might be interpreted as unusual. The result is that thousands of reports are filed every day against Americans for merely using their own money.

Moreover, inflation has unofficially increased the scope of activity that banks must report under the Bank Secrecy Act. For instance, the $10,000 threshold for CTRs was set in the 1970s but has never been adjusted for inflation. If it had, the threshold today would be closer to $75,000 (Figure 1).5 Considering Supreme Court Justices Lewis Powell and Harry Blackmun held in 1974 that the Bank Secrecy Act was constitutional but noted that they felt it was not an undue burden because of its “high” threshold, it’s only natural to wonder how they would characterize that burden under today’s circumstances.6

With such a broad scope, it is of little surprise that more than 20 million Bank Secrecy Act reports were filed to FinCEN in 2019 alone.7 This mass surveillance is conducted without so much as a warrant, and there is no way for the public to judge its effectiveness. FinCEN does not report any statistics regarding how the data from the reports are used. So, while some may be tempted to argue that combating financial crimes justifies infringing on financial privacy, there is little evidence to suggest that financial crimes are being effectively combated.

Worse yet, some government officials seek even larger collections of financial data. In early 2021, the Treasury Department introduced a proposal that, among other things, would require banks and other financial institutions to report on accounts in which $600 or more is moved over the course of a year.8 In late 2021, Congress largely removed the proposal from consideration after there was widespread backlash from both the general public and the financial industry. Yet, an echo of the proposal remained—one that required payments services (e.g., PayPal, Venmo, or CashApp) to report on accounts with over $600 of annual activity—and was ultimately enacted in the American Rescue Plan.9

With all these problems in mind, it’s no wonder that financial privacy is a serious concern for Americans across the country and across the political spectrum. Both privacy and trust have been cited as top concerns for why millions of Americans are unbanked.10 Likewise, the Pew Research Center found that an average of 59.5 percent of Americans are against the government monitoring American citizens.11 And Reuters found that 75 percent of Americans would not let investigators tap into their internet activity, even in order to combat terrorism.12 Finally and most recently, 66 percent of the comment letters on the Federal Reserve’s proposal for a central bank digital currency opposed the idea because of the risks to financial privacy.13

Privacy may mean different things to different people, but the fact remains that most Americans are concerned about their financial privacy in the wake of this unchecked surveillance. Restoring Americans constitutional protections is long overdue.

Solutions

There are several reforms that would help turn the tide and restore financial privacy in the United States.

  • Revise the Bank Secrecy Act. Congress should repeal the sections of the Bank Secrecy Act that require financial institutions to report on their customers. If financial records are needed, law enforcement should be required to show probable cause to obtain a warrant. Congress should amend 12 U.S.C. Sections 3402, 3413, and 3414 as well as 31 U.S.C. Sections 5313–16, 5318(a)(2), 5318A, 5321, 5325, 5326, 5331–32, 5341–5342, and 5351–55.
  • Eliminate the exceptions in the Right to Financial Privacy Act. Although the Right to Financial Privacy Act was well-intentioned, the list of exceptions included in the act eliminates the bulk of the protections it otherwise offers. For instance, customers are not notified that the government is seeking their financial data, and they are not given the opportunity to object if the information is for Bank Secrecy Act reporting. To offer the protections everywhere except where it really matters is tantamount to offering no protections at all. Congress should strike 12 U.S.C. Section 3413 (c)–(r).
  • Eliminate Section 6050I reporting requirements. No American should be forced by law to report on the activity of another American—especially when that activity is between only two parties. Yet, for financial transactions using cash or cryptocurrency, the law requires exactly that. Congress should strike 26 U.S.C. Section 6050I.
  • Require inflation adjustments for all Bank Secrecy Act and IRS payment thresholds. Optimally, financial reporting requirements would be removed from the Bank Secrecy Act. However, if some are maintained, they should be updated to reflect the current value of money. Reporting thresholds should be adjusted annually for inflation.
  • Require FinCEN to publicly report the number of SARs and CTRs that effectively curb financial crime. If Congress does not remove the reporting requirements of the Bank Secrecy Act, then FinCEN should be required to publicly report how many reports are received, reviewed, and requested by other governmental agencies. In addition, FinCEN should report how many reports resulted in a conviction, settlement, or additional charges in other investigations. The reports should make a clear distinction between criminal investigations that originated with SARs or CTRs and criminal investigations that merely used existing SARs or CTRs to strengthen existing cases.