The FinCEN Evolution

FinCEN officially turned 35 (1990) this year which means the Bank Secrecy Act (BSA) turned 55 (1970).

For those that remember [1], FinCEN's original offices were housed in a nondescript, three-story building in Arlington, Virginia across from a funeral home and crematorium. It was a utilitarian space with old, buckling carpets and scarce parking, which often forced people to use a nearby public library's lot. Despite being a new, fledgling agency facing many uncertainties, it was destined for a promising future.

During its formative years, FinCEN was a very dynamic place defined by an enthusiastic and collaborative atmosphere, where its personnel were eager to take on new challenges. The original directors were approachable and deeply involved in the mission to establish FinCEN as a pioneering force in the global fight against illicit finance. FinCEN was an early adopter of advanced technology, utilizing neural networks and expert systems, and it invested heavily in analytics like visualization and link analysis. This forward-thinking approach set the gold standard for compliance reporting and the detection of financial crimes throughout the globe.

However, before FinCEN was officially established, the financial regulatory landscape was highly fragmented. Federal agencies like the IRS and OCC, along with several states, had their own distinct BSA reporting rules. This included the six original states with duplicate filing requirements:

• Arizona (Attorney General's Office)
• Florida (Florida Department of Law Enforcement - FDLE)
• Maryland (Maryland State Police)
• New York (NY State Banking Department)
• Texas (Texas Department of Public Safety)
• Utah (Department of Public Safety)

Furthermore, other states, like Nevada, had specialized reporting requirements and exemptions for casinos. This disjointed approach often created redundant filing requirements for SARs (Suspicious Activity Reports) and CTRs (Currency Transaction Reports). Thus, FinCEN was established, in part, to act as a clearinghouse for all BSA matters and a central collection authority for the data. FinCEN was also tasked with setting and enforcing standards and regulatory compliance to create a unified strategy for combating financial crimes.

Before the widespread adoption of the internet in the mid-1990s, the reporting of BSA data was a cumbersome and manual process. Regulated institutions often submitted physical paper forms, which were manually entered into the Currency Banking Retrieval System (CBRS) operated by the IRS; a process that was time-consuming and prone to standard data-entry errors including misreads, typos, and substitutions.

The transition to a fully electronic system wasn't mandated until 2012 with the launch of the modernized BSA E-Filing System. The move to electronic filing was also accompanied by a major effort to consolidate the many fragmented forms that existed. Initially, different government agencies and industries used their own distinct forms. Under the FinCEN modernization through the BSA E-Filing, they have been merged into a handful of standardized reports effective 2013 as shown below:

>Suspicious Activity Reports (SARs):

• Original Forms: TD F 90-22.47 (SAR-Depository Institutions), FinCEN Form 101 (SAR Securities & Futures Industries), FinCEN Form 102 (SAR Casino & Club Cards), FinCEN Form 109 (SAR for Money Services Businesses).
• Current Form: FinCEN Report 111 (Unified SAR).

 >Currency Transaction Reports (CTRs):

• Original Forms: IRS Form 4789, FinCEN Form 103 (CTR by Casinos), FinCEN Form 104 (CTR).
• Current Form: FinCEN Report 112 (Unified CTR).

>Other Forms: Report of International Transportation of Currency or Monetary Instruments (CMIR) and Report for Foreign Bank and Financial Accounts (FBAR)

• Original Forms: Customs Form 4790 (CMIR), TD F 90-22.1 (FBAR).
• Current Forms: FinCEN Report 105 (CMIR) and FinCEN Report 114 (FBAR).

The primary collection includes these updated forms in addition to other specialized collections such as the FinCEN Report 110 (Designation of Exempt Person: DEOP), FinCEN/IRS Form 8300 (Cash Payments Over $10,000 Received in a Trade or Business), and the new Beneficial Ownership Information Report (BOIR).

Today, the FinCEN Query System (FCQ) stands as the current search and analysis application, holding hundreds of millions of records received from over +294,000 registered financial institutions and other electronic filers. Accessible only to authorized users through the official FinCEN Portal, the FCQ replaced the older (web)CBRS system to become the centralized point of access for all BSA data. This vast network of reporting and analysis is the source of FinCEN's significant impact. 

Recent publications [2][3] show that FinCEN has several hundred active memorandums of understanding with external law enforcement, intelligence, and regulatory agencies, covering more than +25,000 users. This results in millions of searches of BSA data using the FCQ. Furthermore, a handful of federal agencies have full replication (bulk-download) of FinCEN's data for integration directly into their own repositories and operations.

BSA data is a foundational resource for a wide range of agencies conducting financial crime investigations, making it a standard cross-check query for many government inquiries. For example, nearly 90% of IRS Criminal Investigations (CI) cases utilize BSA data [4], while the FBI leverages it in thousands of cases [5] involving transnational criminal activity, public corruption, international terrorism, and organized crime. Similarly, Homeland Security Investigations (HSI) relies on BSA data for a broad spectrum of criminal investigations, leading to indictments, convictions, and the seizure of billions in assets, including currency, virtual assets, and bulk cash. Additionally, there are over +100 SAR Review Teams or Task Forces across the US and these collaborative, multi-agency teams operate within each of the federal judicial districts for each of the 94 U.S. Attorney's Offices (USAO) to proactively identify high-value targets operating within their specific geographic jurisdictions.

Despite the agency's relatively small size—with a core staff of approximately 350 and an annual budget of around $216 million—FinCEN maintains significant in-house capabilities with intelligence professionals, financial specialists, and computer experts, supplemented by expertise from detailees from other federal agencies. The success of this collaboration is evident across many investigations and prosecutions and FinCEN annually recognizes agencies for notable pursuits that have used BSA data to combat illicit activities such as cybercrime, proliferation, corruption, fraud, drug trafficking, transnational crime, human trafficking, and smuggling. 

A compilation of cases where BSA data is instrumental was recently published [6] by FinCEN, with several synopses provided below.

• Air Force Office of Special Investigations (AFOSI): Utilized BSA data to expose an overseas counterfeit ring that conducted thousands of fraudulent transactions.
• Bureau of Alcohol, Tobacco, and Firearms (BATF): Used BSA data to investigate wire fraud and stolen firearms, successfully identifying a subject who used multiple aliases and accounts.
• Department of Agriculture (USDA) & FBI: Investigated a public corruption case involving the embezzlement of grants intended for the Child and Adult Care Food Program and the Summer Food Service Program.
• Department of Defense (DOD): The Office of Inspector General (OIG) employed BSA data in cases of fraud, proliferation financing, and contractor fraud. The Defense Criminal Investigative Service (DCIS) also used the data to expose a conspiracy, kickbacks, and contract fraud at a foreign U.S. Army base.
• Department of Justice (DOJ): The Civil Rights Division's Criminal Section leveraged BSA data to investigate human trafficking and human smuggling cases.
• Diplomatic Security Service (DSS): Leveraged BSA data to investigate passport identity fraud involving dozens of fictitious accounts, mortgage fraud, and improper PPP loans.
• Drug Enforcement Administration (DEA): Used BSA data to investigate transnational criminal organizations.
• Federal Deposit Insurance Corporation (FDIC) Office of Inspector General (OIG): Targeted fraudulent government programs that exploited funding from the CARES Act and Paycheck Protection Program (PPP) using BSA data, which revealed the use of shell companies and dormant businesses.
• IRS Criminal Investigation (CI): Employed BSA data for cases involving fraud, corruption, and the use of synthetic identities.
• U.S. Attorney’s Office (USAO) Eastern District of Missouri: Relied on BSA data to expose a telemarketing fraud scheme targeting elderly victims and to uncover concealed assets and cryptocurrency transactions.
• U.S. Marshals Service (USMS): In a joint effort with the Department of Health and Human Services (HHS) Office of Inspector General (OIG) and the FBI, the USMS used BSA data to investigate potential Medicare fraud schemes.
• U.S. Postal Inspection Service (USPIS): Used BSA data to pursue an online romance scam, leading to the indictment of a man who used multiple identities to defraud dozens of women. He was ultimately charged with wire/mail fraud, aggravated identity theft, and money laundering.
• U.S. Secret Service (USSS): Leveraged BSA data in a significant corruption case involving cybercrime, fraud, and business email compromise (BEC) schemes to reveal a pattern of suspicious government credit card purchases leading to charges of bribery, wire fraud, and aggravated identity theft.

Improving Outcomes with Entity Resolution

Like any large-scale analytical enterprise managing vast, multi-source data repositories, FinCEN faces a central challenge: extracting timely, mission-relevant intelligence from massive volumes of raw information. Addressing this challenge demands the effective integration of Entity Resolution (ER) across the expansive Bank Secrecy Act (BSA) data ecosystem. ER is the critical process of identifying and linking records that correspond to the same real-world entity—whether an individual, organization, or location—across disparate data sources, thereby revealing concealed networks and relationships. The scale of this undertaking is extraordinary: nearly 300,000 registered financial institutions collectively submit more than 75,000 reports (and growing) to FinCEN each day.

Harmonizing this data—particularly when integrating external or 3rd party sources—demands a deep understanding of collection methodologies, data structures, and the semantics of the values they contain. Even seemingly minor inconsistencies, such as name variations, aliases, or misspellings, can conceal critical insights. As a result, effective ER is indispensable to achieving a comprehensive and accurate view of complex financial networks, ensuring that records are correctly linked and data consolidated across individuals, organizations, and their financial activities. 

Each BSA submission to FinCEN contains key details about reported activity—such as dates, times, amounts, and descriptions. Although these data elements may vary in format, transformation and standardization processes ensure consistent representation. For instance, phone numbers like (123) 456-7890, 123.456.7890, and 1234567890 can be standardized to a single format. Similarly, address data can be normalized using standard parsers, abbreviation lists, lookup tables, or machine learning tools [*end-note]. Other identifiers—such as driver’s license or passport numbers, IP addresses, and email addresses—are inherently unique and serve as distinct analytical entities unlikely to be confused with similar values. The following are representative of libraries that can be used for ER related calculations:

• Name aliases: https://www.nominodata.com/
• Name translations: https://www.cjk.org/data/
• Name phonetics: https://yomguithereal.github.io/talisman/phonetics/
• Address standardization (LibPostal): https://github.com/openvenues/libpostal
• Phone standardization (LibPhone): https://github.com/google/libphonenumber
• Geocoding: https://nominatim.org/
• Distance calculators: https://data.nber.org/distance/
• Zipcode look-ups: https://publicapi.dev/category/geocoding
• IP-Lookup/Domains: https://iplocation.io/ or https://myip.ms/

Consolidation becomes significantly more challenging when working with less distinctive attributes, such as personal names, which often lack the specificity required for accurate resolution. For instance, a common name like “John Smith” (unlike Maxillion Von Goldenthorn) cannot be reliably distinguished without additional contextual information. Even slight variations—such as “Jonathan Smith” or “Jon Smyth”—further complicate efforts to identify a single, unique individual.

To address this ambiguity, entity resolution must leverage descriptors to establish distinct identities. These descriptors may include demographic details such as gender, date of birth, or age; physical characteristics like height and weight; and unique identifiers such as Social Security numbers, driver’s licenses, passports, or other forms of ID. Without these distinguishing attributes, datasets are prone to inaccuracies and inefficiencies, undermining the effectiveness of investigations.

BSA Format & Queries

For more than twenty years, the Bank Secrecy Act Electronic Filing System (BSA E-Filing) has offered regulated entities a secure, electronic means of submitting BSA forms. The system allows filers to generate and submit well-structured XML “batch” files containing one or multiple forms, ensuring adherence to the XML schema and user guide for each form type. FinCEN collects and stores this data, which is subsequently accessible through the FinCEN Query System (FCQ).

All BSA forms in XML format employ consistent conventions for data types such as addresses, identification numbers, phone numbers, email addresses, URLs, and other supporting details. This standardization also applies to the “parties” involved in the filings, including individuals, suspects, owners, institutions, referrals, law enforcement contacts, and bank officials. Each party’s role in the reported activity is specified using a straightforward numerical lookup code. 

FinCEN provides the XML format specifications for each BSA form, ensuring uniform data exchange across filers. These specifications offer a structured framework for reporting transactions and associated parties. The XML formats are found here:

• XML SAR Report
• XML CTR Report
• XML 8300 Report
• XML FBAR Report

Effective analytics require a clear understanding of the underlying XML structures and their impact on entity resolution. Each reported activity—whether a SAR, CTR, 8300, FBAR, CMIR, DEOP, or BOI—is assigned a unique ActivityID that encompasses all related information. Within this activity container, all involved parties are identified according to the specific form requirements. Every party—whether the filing institution, a bank representative, or the subject of the activity—is represented by a single, unique PartyID within the activity. Each Party record can include multiple sub-entities to capture all associated addresses, phone numbers, identification numbers, email addresses, and names. Although each BSA form is slightly different, Figure 1 illustrates this representative structure where the Party structure contains at least 1 or more PartyNames (up to 99 occurrences) and 0 or more related Address, PhoneNumber, or PartyIdentification references.

As shown in the simplified FinCEN XML example in Figure 2, an Activity (e.g., 111…) can include a Party (e.g., 222…) with multiple PartyName entries (e.g., 333… and 444…), representing, for instance, a “Legal Name” and an “Also Known As (AKA)” name. For clarity, other XML fields associated with the Activity, Party, and PartyName have been omitted.

Each party record is mandated to include a "legal" name and may also contain zero or more "Also Known As" (AKA) or "Doing Business As" (DBA) entries and every name-variation is assigned a unique PartyNameID. When FinCEN processes a form, it assigns a distinct PartyID to each listed party. Consequently, if the same bank submits multiple SARs or CTRs concerning the same individual, each submission receives a new PartyID, resulting in different identifiers for each ActivityID within the FinCEN BSA E-filing database. Net-net, even if the same person appears in multiple reports, each submission gets its own identifier, so the same person can appear multiple times in the system.

While this method of data representation is typical for many government systems, it creates ER challenges, particularly compounded by name variations. For instance, if one bank records an individual as JON SMITH and another bank as JOHNNY SMITH, a query searching for JOHN SMITH might overlook crucial data. Although a skilled analyst might try to account for these variations or use other identifying information such as address, phone number, email, identification number, or related entities and accounts, each of these attempts necessitates different queries. This forces the analyst to manually track numerous entities and values and subsequently synthesize all the results into a coherent diagram, a time-consuming and potentially error-prone process.

This limitation affects highly specific queries, such as searches for a particular name. It also impacts operations like SAR-review-teams or other investigations using proactive queries, such as "all transactions for a specific region within a defined timeframe" (e.g., all SARs filed in Miami, FL in the past six months). If the underlying data is not properly resolved and aligned, the results may display numerous disconnected networks or overly dense representations due to the sheer number of entities present.

Figure 3 illustrates two very similar entities originating from a SAR and a CTR. While basic data cleaning can readily standardize their phone numbers, identification numbers, and addresses, and the names are also highly similar, standard analytical systems would likely treat them as distinct. Applying Entity Resolution (ER) to this combined data would significantly improve the accuracy and reliability of the results. Varying the stringency of the matching criteria by using different combinations of data fields (such as name and address, name and identification number, name and phone number, or any combination) would further enhance the confidence in the resolved entities.

Entity Structure

The primary goal is to deliver a more complete, accurate, and dependable representation of all critical data supporting investigations. While the examples here focus on BSA content, the true analytical value multiplies when this data is integrated with other sources—such as government databases, social media, open-source intelligence, and commercial datasets.

To strengthen the BSA XML framework, agencies should establish their own Entity structure built around a dedicated EntityID. This process—ideally performed during data ingestion—would apply entity resolution (ER) matching templates to identify high-confidence equivalents. Each match could be assigned an EntityScore to quantify reliability, with additional fields defining match characteristics and relevant criteria. Less stringent matching thresholds could be applied selectively for specialized analytical domains, such as counterterrorism or threat finance, where broader associations are operationally valuable.

An Entity-based framework would also enable many-to-one mappings within the BSA XML model, extending beyond Party-structures to encompass phone numbers, addresses, identification numbers, emails, IP addresses, and accounts. With this approach, a search for any individual data point would immediately retrieve its associated record and—through a single link—all related information across entities, creating a unified and comprehensive analytical view. Figure 4 depicts this representation.

Ideally, FinCEN would establish a standardized Entity baseline across the entire BSA dataset, similar to the FinCEN ID used in the BOI framework. This enhancement would substantially increase confidence in BSA-derived insights, ensuring that results extracted from the FinCEN Query System (FCQ) are both complete and accurate.

Conclusion

Over the past 35 years, FinCEN has undergone a profound transformation in how it collects, manages, and applies data to combat financial crime and protect the integrity of global financial systems. By embracing early technological innovations, FinCEN has evolved into a dynamic, data-centric intelligence platform capable of generating deeper insights and more actionable intelligence on illicit financial activity. The transition to electronic reporting consolidated numerous disparate forms into a standardized, unified framework—enhancing consistency, efficiency, and analytical capability across FinCEN and throughout the broader U.S. government.

This modernization has set the stage for FinCEN’s next major advancement: Entity Resolution (ER). As millions of records flow-in from thousands of institutions, the challenge is no longer simply gathering data—it’s refining, linking, and contextualizing it to maximize its value. ER technology serves as the critical link, automatically reconciling fragmented or duplicate records into single, coherent entity profiles. This foundational capability enables analysts to uncover hidden relationships, identify networks of concern, and prioritize the most significant risks with precision and confidence.

As criminal enterprises become more adaptive and the threats of money laundering and terrorist financing grow increasingly complex, FinCEN’s mission has never been more vital. By integrating ER with advanced artificial intelligence and machine learning to detect sophisticated patterns and schemes, FinCEN is redefining how financial intelligence is used to safeguard national security. Strengthened by these capabilities, FinCEN continues to solidify its role as a central hub within the law enforcement and intelligence communities—delivering the leads, insights, and connections that drive investigations and disrupt illicit networks.

References

[*] https://www.buzzfeednews.com/article/jasonleopold/fincen-files-financial-scandal-criminal-networks

[1] https://www.fincen.gov/sites/default/files/shared/FincenOurStory.pdf 

[2] https://oig.treasury.gov/system/files/2023-09/OIG-23-030.pdf

[3] https://www.fincen.gov/system/files/shared/FinCEN_Infographic_Public_508FINAL_2024_June_7.pdf

[4] https://www.fincen.gov/system/files/shared/FinCEN_Infographic_Public_2023_April_21_FINAL.pdf

[5] https://www.fincen.gov/system/files/shared/FinCEN-Infographic-Public-2025-508.pdf

[6] https://www.fincen.gov/news/news-releases/fincen-holds-annual-ceremony-recognize-law-enforcement-cases-supported-bsa-data

[End Note]

FinCEN improves the raw address data submitted by regulated filers through address-specific processing (derived values) during data ingestion. These steps, similar to an Extract, Transform, Load (ETL) process, occur after submission and are integrated into the core XML record. This standardization adds analytical value to the data, and because the enhanced values are tied to fixed addresses, they tend to remain consistent and stable over time.

These additional fields can be integrated into analytical platforms to support more proactive identification of potentially suspicious activity. For example, the EnhancedAddressTypeText field stores a single-character code that defines the general address type. This information can reveal meaningful patterns—such as military addresses for DoD review, PO boxes used to obscure identity, rural addresses appearing in urban contexts, or commercial addresses listed as residential. The currently used codes include:

• B: Mailbox at a building
• F: Mailbox at a company or firm
• G: General delivery address
• H: High-rise default address
• L: Mailbox as a large volume receiver
• M: Military address.
• P: PO Box in the address
• R: Rural route mailbox
• S: Mailbox at a street address
• U: The address was not validated or corrected

The EnhancedConfidenceLevelCount corresponds to “mailability scores” used by various commercial platforms to estimate the likelihood that mail can be successfully delivered to a given address. This element reflects the system’s confidence that the enhanced address will reach its intended destination. Since filers may occasionally provide inaccurate, transposed, or fabricated addresses, this measure helps assess the reliability of submitted address data.

• 0: Undeliverable
• 1: Risky
• 2: Fair
• 3: Should be fine
• 4: Almost certain
• 5: Completely confident 

The EnhancedGeoStatusIndicator reflects the level of geographic accuracy provided by address validation services when generating geocodes. It indicates whether the result corresponds to a rooftop location or a ZIP code centroid. Geocodes—latitude and longitude coordinates expressed in decimal degrees—conform to the World Geodetic System 1984 (WGS84) standard and are stored in the EnhancedGeoCompleteText field.

• <EnhancedGeoCompleteText>38.91699, -77.23694 WGS84 </EnhancedGeoCompleteText>
• <EnhancedGeoLatLongUnitText>WGS84</EnhancedGeoLatLongUnitText>
• <EnhancedGeoStatusIndicator>9</EnhancedGeoStatusIndicator>

The values corresponding to EnhancedGeoStatusIndicator results include:

• 0: Geocodes are not available for the address.
• 1: Reserved for future use.
• 2: Reserved for future use.
• 3: Reserved for future use.
• 4: Geocodes are partially accurate to the postal code level.
• 5: Geocodes are accurate to the postal code level.
• 6: Geocodes are accurate to the locality level.
• 7: Geocodes are accurate to the street level.
• 8: Geocodes are accurate to the house number level.
• 9: Geocodes are accurate to the arrival point or rooftop.
• A: Geocodes are accurate to the center of the parcel of land.
• C: The geocode database is corrupted.
• N: Cannot find the geocode database.
• U: The geocode database is not unlocked.

The full list of “enhanced” address related fields is shown below:

• EnhancedAddressDeliveryLine2Text
• EnhancedAddressRecipientText
• EnhancedAddressRecipient2Text
• EnhancedAddressTypeText
• EnhancedAMASStatusText
• EnhancedCASSStatusText
• EnhancedCBSAIDText
• EnhancedCensusBlockGroupText
• EnhancedCensusBlockNumberText
• EnhancedCensusTractNumberText
• EnhancedCityText
• EnhancedConfidenceLevelCount
• EnhancedCountryCodeText
• EnhancedCountryID
• EnhancedCountrySpecificLineText
• EnhancedCountryText
• EnhancedCountyFIPSCodeText
• EnhancedCountyText
• EnhancedDeliveryLine1Text
• EnhancedDeliveryServiceText
• EnhancedElementRelevanceText
• EnhancedFormattedLine1Text
• EnhancedFormattedLine2Text
• EnhancedFullAddressText
• EnhancedGeoCompleteText
• EnhancedGeoLatLongUnitText
• EnhancedGeoStatusIndicator
• EnhancedInputStatusText
• EnhancedMSAIDText
• EnhancedProcessStatusText
• EnhancedResultNumberText
• EnhancedResultPercentText
• EnhancedResultStatusText
• EnhancedSERPStatusText
• EnhancedSNAStatusText
• EnhancedStateCodeText
• EnhancedStateCodeDescription
• EnhancedStateFIPSCodeText
• EnhancedStateID
• EnhancedStreetAddress1Text
• EnhancedStreetAddress2Text
• EnhancedSupplementGreatBritainStatusText
• EnhancedSupplementUSStatusText
• EnhancedZIPCode
• HIDTAPresentIndicator
• HIFCAPresentIndicator