Feature Compliance Strategy
FinCEN's June 2026 Update Turns Section 314(b) Into a Real-Time Fraud-Fighting Tool
FinCEN's June 12, 2026 guidance expanded the Section 314(b) safe harbor to explicitly cover fraud—wire fraud, bank fraud, mail fraud, computer fraud—without requiring an institution to connect the activity to money laundering first. Here's what changed, why it matters for BSA programs, and what enrollment and real-time sharing actually look like in practice.
Table of Contents
On June 12, 2026, FinCEN issued updated guidance on Section 314(b) of the USA PATRIOT Act that most compliance teams haven’t fully digested yet. The press release called it an effort to help financial institutions “eliminate fraud through information sharing.” The actual impact is more specific: FinCEN explicitly confirmed that fraud—wire fraud, bank fraud, mail fraud, computer fraud—is now a standalone basis for sharing information under 314(b), with full safe harbor protection, without requiring an institution to first connect that fraud to money laundering.
That’s a meaningful shift. And the institutions that understand it first will have a real operational advantage the next time a fraud attack hits.
TL;DR
- FinCEN’s June 12, 2026 guidance explicitly expanded the Section 314(b) safe harbor to cover fraud as a standalone basis for sharing—wire fraud, bank fraud, mail fraud, computer fraud—without requiring a money laundering nexus
- Real-time sharing is now explicitly permitted: verbal, written, or electronic platforms, not just formal written requests
- Most financial institution BSA/AML and fraud response procedures have no 314(b) sharing step—the update creates both an opportunity and a gap to close
- Annual re-certification for 314(b) enrollment is easy to miss—lapsed enrollment removes the safe harbor protection at exactly the moment it’s needed
- Synthetic identity fraud up 37% YoY, BEC losses at $3.046B in 2025—the fraud environment this guidance responds to is real and accelerating
What 314(b) Actually Does
Section 314(b) of the USA PATRIOT Act has been on the books since 2001, but it’s one of the most underutilized tools in financial institution fraud response. The statute creates a voluntary safe harbor: enrolled financial institutions can share information with other enrolled institutions about individuals, entities, and organizations they suspect may be involved in money laundering or terrorist financing—without liability for the disclosure.
For over two decades, the safe harbor language focused primarily on money laundering and terrorist financing. That framing created a practical problem: fraud cases don’t always present with clear laundering indicators. A business email compromise attack that moves $2 million through wire transfers is obviously criminal. But if the institution investigating it can’t immediately characterize the transfer as proceeds of a money laundering offense under 18 U.S.C. § 1956, was a 314(b) disclosure protected?
The June 2026 guidance answered that question directly. FinCEN confirmed that the specified unlawful activities covered by 314(b) include mail fraud, wire fraud, bank fraud, and fraud related to unauthorized computer access—and that institutions can share information about suspected fraud without needing to identify or allege a money laundering nexus first. Suspicion of fraud alone is enough to trigger the safe harbor.
The Fraud Environment That Drove the Update
This guidance didn’t arrive in a vacuum. FinCEN explicitly tied the update to a deteriorating fraud environment and the White House Task Force to Eliminate Fraud.
The numbers justify urgency. Business email compromise losses hit $3.046 billion in 2025 per the FBI’s IC3 Annual Report—the same statistic at the center of the AI-enhanced BEC threat facing financial institution incident response programs. Synthetic identity fraud—where fraudsters combine real and fabricated information to create identities that pass initial KYC checks—grew approximately 37% year-over-year according to FinCEN’s own SAR data. Consumer fraud losses to the FTC have increased consistently for the past four years.
These aren’t isolated incidents at individual institutions. They’re network-level attacks. The same fraudulent identity used to open an account at Bank A may be in use at Bank B and Credit Union C simultaneously. The same phone number used in a BEC social engineering attempt this week may appear in a synthetic ID application next week. Without a legal mechanism to share that information across institutional boundaries in real time, every institution fights the same fraud with no visibility into what its peers have already learned.
Section 314(b), as updated, is that mechanism.
What Changed in the June 2026 Guidance
Three changes from the June 12 update matter most for how institutions operationalize 314(b) sharing.
Fraud is now explicitly in scope as a standalone basis.
This is the headline change. Prior 314(b) guidance and FinCEN’s published fact sheet focused on money laundering and terrorist financing as the predicate for sharing. The June 2026 update explicitly confirmed that fraud—including wire fraud under 18 U.S.C. § 1343, bank fraud under 18 U.S.C. § 1344, mail fraud under 18 U.S.C. § 1341, and computer fraud—is a specified unlawful activity covered by the 314(b) safe harbor. An institution can share information about suspected fraud without needing to allege or demonstrate a money laundering connection.
This matters most for the fraud response workflow. When a wire operations employee discovers that an outgoing $500,000 transfer was fraudulently induced by a BEC attack, the priority is recovery—not characterizing the transaction as proceeds of a laundering offense. The updated guidance lets the institution call peer banks immediately, share the account numbers and phone numbers involved, and get those counterparties to freeze matching accounts—all while the SAR and regulatory notification process is still getting started.
Real-time sharing is explicitly permitted through any communication channel.
Prior 314(b) practice often focused on written requests because the formal documentation made the safe harbor protection clearer. The June 2026 guidance explicitly confirmed that sharing may occur verbally, in writing, or through electronic platforms. This isn’t just a procedural clarification—it changes what real-time fraud response looks like.
Under the updated guidance, an enrolled institution’s fraud investigator can call a peer institution’s BSA team, describe the fraud indicators, share account numbers and identity information, and get an immediate response. They can share via secure messaging platforms. They can share through consortium fraud intelligence networks that enrolled institutions participate in. The formal-request-only model that characterized some institutions’ 314(b) practice is no longer how the safe harbor needs to work.
No limitation on PII types that can be shared.
FinCEN clarified that sharing under 314(b) is not limited to particular categories of information. Names, Social Security numbers, account numbers, IP addresses, phone numbers, email addresses, biometric data, identity documents—all can be shared with enrolled peer institutions when the purpose is identifying or reporting suspected fraud or money laundering. This matters for synthetic identity fraud specifically, where sharing the specific identity document numbers, selfie images, or device identifiers associated with a fraudulent identity can help peers detect the same identity in their own onboarding queues.
How 314(b) Enrollment Works and Why Lapsed Enrollment Is a Problem
Enrollment in 314(b) is voluntary, free, and managed through FinCEN’s online portal. Any financial institution subject to BSA requirements can enroll. But there’s an annual re-certification requirement: enrolled institutions must re-certify their participation each year, and lapsed enrollment removes the safe harbor protection.
That creates a specific operational risk that doesn’t get enough attention. An institution that enrolled three years ago and hasn’t re-certified loses its protection. If it then shares fraud information with a peer institution under the assumption that its 314(b) safe harbor is active—and it isn’t—the sharing may not be protected. The liability exposure is real, even if enforcement for lapsed-enrollment disclosures is uncommon.
The practical check is straightforward: confirm current enrollment status at fincen.gov, confirm the annual re-certification date, and add that date to the BSA compliance calendar as a hard deadline. This is the kind of key risk indicator that belongs on the BSA team’s monthly monitoring dashboard—not something to catch at the annual BSA audit.
What Most BSA Programs Are Missing
The June 2026 guidance creates an opportunity. It also reveals a gap.
Most financial institution BSA/AML programs have procedures for SAR filing, transaction monitoring, CDD, and customer notification. Almost none have a procedure for Section 314(b) information sharing as a fraud response step. The procedures exist for the retrospective obligations—filing a SAR, notifying regulators—but not for the real-time coordinated response that 314(b) now clearly enables.
The gap shows up in fraud response playbooks as well. When a fraud team discovers that a customer’s account was drained by a fraudulent wire transfer, the steps are: freeze the account, initiate recall, call IC3, escalate internally, begin SAR documentation. There’s no step that says: “Contact enrolled peer institutions who may have accounts held by the same fraudster and share the fraud indicators.”
That step is now explicitly sanctioned, with safe harbor protection, under the June 2026 guidance. The question is whether your fraud response procedure captures it.
The Marquis Software breach illustrated what coordinated vendor-level compromise looks like when 80 institutions are fighting the same problem in isolation. Fraud attacks on the financial system have the same character—the same fraudulent identities, the same attacker infrastructure, the same techniques moving from institution to institution. The 314(b) network is the mechanism for turning those individual fights into a coordinated defense.
The Synthetic Identity Fraud Use Case
Synthetic identity fraud is where the June 2026 guidance has the most immediate operational impact that goes beyond wire fraud and BEC.
Synthetic identity fraud—creating fictitious identities by combining real SSNs (often stolen from children or people with thin credit files) with fabricated names, dates of birth, and contact information—is one of the fastest-growing fraud types in the financial sector. These identities pass initial KYC checks because the SSN is real. They build credit slowly over time. The fraudulent identity may be in use at multiple institutions simultaneously, accumulating credit limits across lenders before a coordinated “bust-out” where all available credit is drawn down at once.
The specific indicators that distinguish a synthetic identity from a legitimate one—device fingerprints, email addresses, phone numbers, the specific combination of real and fabricated identity elements—are exactly what 314(b) now allows institutions to share in real time. If your fraud team identifies a synthetic identity in your onboarding queue, the June 2026 guidance allows you to immediately contact enrolled peer institutions and share the identity markers, so they can check whether the same identity is in their pipeline before credit is extended.
This is particularly valuable because the time pressure on synthetic fraud is different from wire fraud. With wire fraud, the 72-hour recovery window creates urgency around fund freezing. With synthetic fraud, the opportunity to interdict is at the point of account opening or credit extension—and real-time sharing can interrupt that process across multiple institutions simultaneously.
What to Add to Your BSA Compliance Program
Five concrete additions that most programs are missing:
1. A 314(b) sharing step in your fraud response procedure. Explicitly add, to your BEC/wire fraud and synthetic identity fraud response playbooks, a step to contact enrolled peer institutions when you’ve identified fraud indicators. The step should specify who is authorized to make the disclosure, what information they can share, and how to document the disclosure.
2. A 314(b) enrollment verification in your BSA compliance calendar. Add annual re-certification to your compliance calendar as a hard deadline. Confirm current enrollment status at fincen.gov before your next SAR or fraud review. If your institution is not enrolled, the enrollment process takes approximately 5–10 minutes and is free.
3. A peer institution contact list for fraud sharing. The 314(b) network is only useful if you know who to call. Before an incident, identify the BSA contacts at your key correspondent banks, your largest peer institutions by geography or product line, and any consortium networks your institution participates in. Confirm that those institutions are enrolled. Exchange contact information for fraud response—not just for formal written requests, but for real-time calls.
4. Documentation practices for 314(b) disclosures. Even though the safe harbor covers verbal sharing, your institution should document what was shared, with whom, when, and the factual basis for the sharing. This documentation protects the institution if the disclosure is ever questioned, and it supports your SAR filing by creating a record of concurrent fraud activity across institutions.
5. KRIs for your 314(b) program. If your institution never uses 314(b), that’s a KRI—it suggests either that the program isn’t embedded in fraud response workflows, or that enrollment has lapsed. Key risk indicators for 314(b) participation include: number of 314(b) disclosures made (outbound) and received (inbound) per quarter, re-certification date currency, and whether the fraud response procedure includes a 314(b) step. These belong on the BSA team’s monthly monitoring report alongside SAR filing volume and alert-to-SAR conversion rates.
The Bigger Picture
FinCEN’s June 2026 guidance is part of a broader federal fraud response effort that includes the White House Task Force to Eliminate Fraud, FinCEN’s November 2024 deepfake alert, and the FBI’s expanded Financial Fraud Kill Chain program. The policy framework is moving toward coordinated, real-time industry response to fraud at a network level—not individual institutions each fighting their own battles in isolation.
Section 314(b), as updated, is the legal mechanism that enables that coordination. The FBI’s IC3 is the law enforcement channel. FinCEN SAR reporting is the regulatory channel. Together, they form a response architecture that can actually move at the speed of fraud—if institutions have the procedures in place to use it.
Most don’t yet. The June 2026 guidance is relatively new. Many BSA compliance calendars haven’t been updated since before it landed. Most fraud response playbooks were written before real-time 314(b) sharing was explicitly sanctioned.
The institutions that update their procedures now—add the 314(b) step, confirm enrollment, build the peer contact list, train the fraud team—will be positioned to use the tool when the next attack arrives. The institutions that don’t will find themselves making the same calls their predecessors made during the Marquis breach: figuring out who to call after the event rather than before.
So What?
FinCEN gave financial institutions a real-time fraud intelligence-sharing tool with legal protection on June 12, 2026. Most haven’t updated their procedures to use it.
The KRI Library includes BSA/AML key risk indicators—covering transaction monitoring metrics, SAR filing rates, alert-to-SAR conversion, and the kind of 314(b) participation metrics that would surface whether your institution’s information-sharing program is actually functioning or just enrolled on paper. When an examiner asks how you’re using 314(b) to fight fraud, “we’re enrolled” is not the same answer as “here’s our sharing volume, here’s our peer contact list, and here’s the step in our procedure.”
Fraud is a network-level problem. The tools to fight it at a network level now exist. Using them is a BSA compliance decision that belongs in your procedures today.
Sources:
- FinCEN Issues Guidance to Help Financial Institutions Eliminate Fraud Through Information Sharing (June 12, 2026)
- Section 314(b) Fact Sheet — FinCEN
- FBI 2025 IC3 Annual Report
- FinCEN Alert on Fraud Schemes Involving Deepfake Media (November 13, 2024)
- FinCEN Expands Information-Sharing Safe Harbor to Cover Fraud — Morrison Foerster Client Alert (June 2026)
◆ Related template
KRI Library (132 Key Risk Indicators)
132 KRIs with thresholds, data sources, and escalation triggers pre-built for financial services.
◆ Immaterial Findings · Weekly
Sharp risk & compliance insights. No fluff.
◆ FAQ
Frequently asked questions.
What did FinCEN's June 12, 2026 update to Section 314(b) change?
What is Section 314(b) and who can participate in it?
Does Section 314(b) sharing require a formal written request or agreement?
What types of information can be shared under Section 314(b)?
How does Section 314(b) fraud sharing interact with SAR filing obligations?
What should financial institutions do now to take advantage of the updated Section 314(b) guidance?
Author
Rebecca Leung
Rebecca Leung has 8+ years of risk and compliance experience across first and second line roles at commercial banks, asset managers, and fintechs. Former management consultant advising financial institutions on risk strategy. Founder of RiskTemplates.
◆ Related framework
KRI Library (132 Key Risk Indicators)
132 KRIs with thresholds, data sources, and escalation triggers pre-built for financial services.
◆ Keep reading
Related posts.
Compliance Strategy
OCC's 2026 Exam Rightsizing: What Community Banks Should Stop Doing—and What Still Gets You Written Up
Effective January 1, 2026, OCC Bulletin 2025-24 eliminated mandatory examination activities that aren't required by law for community banks. That means fair lending risk assessments and flood insurance transaction testing are no longer mandatory every exam cycle. Here's what actually changed, what didn't, and where compliance teams are misreading this shift.
Jul 7, 2026
Compliance Strategy
Compliance Training Program Requirements: What OCC, FDIC, CFPB, and FINRA Examiners Actually Test
Most financial institutions have a training program. Fewer have one that survives examiner scrutiny. Here's what each regulator actually looks for — and the documentation gaps that turn a training calendar into an exam finding.
Jul 3, 2026
Compliance Strategy
Regulatory Examination Readiness: The 60-Day Checklist for Banks, Credit Unions, and Fintechs
The notification letter arrives with 30–60 days' notice. What happens in those weeks determines whether you walk out with a clean report or spend the next year managing MRAs. Here's the pre-examination preparation framework that actually reduces examination duration and findings count.
Jun 29, 2026