The Illusion of Financial Privacy

Decades of legislation have chipped away at the financial privacy Americans believe they still have.


You have a 15-character password, shield the ATM as you enter your PIN, close the door when you meet with your banker, and shred your financial statements. But do you truly have financial privacy? Or has someone else been sitting silently in the room with you this whole time?

While you might feel you have secured your financial information, the government has very much wedged its way into the room. Financial privacy has practically vanished over the last 50 years.

It's strange how quickly we have accepted the current state of financial surveillance as the norm. Just a few decades ago, withdrawing money didn't involve 20 questions about what we plan to use the money for, what we do for a living, and where we are from. Our daily transactions weren't handed over in bulk to countless third parties.

Yet, what is even stranger is that most people continue to believe in a version of financial privacy that no longer exists. They believe financial records continue to be private and the government needs a warrant to go after them. This belief couldn't be further from reality. Americans do not have financial privacy. Rather, we have the illusion of financial privacy.

Why is this? Put simply, financial surveillance has been kept hidden in three major ways: Encroachments into privacy have evolved gradually through obscure legislation, the scope of surveillance has constantly expanded through inflation, and much of the process is kept intentionally confidential.

Years of Obscure Legislative Changes

Compared to today, customers in the 1970s had far more freedom in opening accounts and interacting with their own money. Back then, the decision to transact with a bank could be based on the cash in one's pocket. Transactions were not scrutinized for threats of terrorism or drug trafficking. Customers were not legally required to supply a photo ID to set up an account. Banks decided for themselves what information they needed to set up an account, and this information remained effectively confidential between the customer and the bank.

This changed in the 1970s when a pivotal piece of legislation was passed: the Bank Secrecy Act. Stemming from concerns in Congress regarding Americans concealing their wealth in offshore accounts, the legislation aimed to gather financial information to detect such activities. For example, financial institutions were required to monitor and report transactions over $10,000 to the government.

It didn't stop there. Over the years, Congress came up with more ways to expand financial surveillance in what is now best referred to as the "Bank Secrecy Act regime."

In 1992, the Annunzio-Wylie Anti–Money Laundering Act led to the introduction of suspicious activity reports (SARs), where, instead of just reporting anything over $10,000, financial institutions had to report "any suspicious transaction relevant to a possible violation of law or regulation." Two years later, the Money Laundering Suppression Act authorized the secretary of the treasury to designate the Financial Crimes Enforcement Network (FinCEN) as the agency to oversee these reports.

Following the September 11 attacks, the USA PATRIOT Act significantly expanded surveillance powers, granting the government easier access to communication records. Hidden among the pages of this sprawling omnibus bill was a set of "know your customer" requirements that forced banks not only to investigate who you are but also to verify that information on behalf of the government.

Again, Congress didn't stop there.

Another extensive omnibus bill, the American Rescue Plan Act of 2021, quietly introduced a rule intended to surveil all bank accounts with at least $600 of activity. Luckily, the controversial measure was noticed and met with immediate pushback. The Treasury Department responded by informing people that the government already has access to much of everyone's financial information.

While the proposal was retracted, the initiative was only shut down partially. Instead of affecting all bank accounts, the law narrowed its scope to require reporting for transactions over $600 made through a payment transmitter such as PayPal, Venmo, or Cash App.

Then the 2022 Special Measures To Fight Modern Threats Act aimed to eliminate some of the checks and balances placed on the Treasury, granting it the authority to use "special measures" to sanction international transactions.

While the Special Measures To Fight Modern Threats Act hasn't been passed, it remains a persistent presence in legislative proposals. It has been introduced in various forms, including as an amendment to the National Defense Authorization Act and as an amendment to the America COMPETES Act of 2022 (both of which failed), as well as a standalone bill.

Similar challenges exist in other bills that try to expand financial surveillance such as the Infrastructure Investment and Jobs Act, Transparency and Accountability in Service Providers Act, Crypto-Asset National Security Enhancement and Enforcement Act, and Digital Asset Anti-Money Laundering Act. Each new bill that passes could further chip away at our financial privacy.

Considering these laws and proposals are buried within thousands of pages of legislation, it's no wonder the public doesn't know what's going on.

A Constant Expansion Through Inflation

Even if every member of the public could read every bill front to back, there are still other ways that the Bank Secrecy Act regime has been able to expand silently each year. Surprisingly, inflation has also contributed to the erosion of our financial privacy.

Following the Bank Secrecy Act's requirement that financial institutions report transactions over $10,000, concerns were raised in court. A coalition including the American Civil Liberties Union, California Bankers Association, and Security National Bank argued that the Bank Secrecy Act violated constitutional protections, including the Fourth Amendment's protection against unreasonable search and seizure, as well as the First Amendment and Fifth Amendment. They successfully obtained a temporary restraining order against the act.

Unfortunately, the Supreme Court later held that the Bank Secrecy Act did not create an undue burden considering it applied to "abnormally large transactions" of $10,000 or more.

Let's put this number into context: In the 1970s, $10,000 was enough to buy two brand-new Corvettes and still have enough money left to cover taxes and upgrades. So perhaps the court's description of these transactions as "abnormally large" was fair at the time.

The problem is that this reporting threshold has never been adjusted for inflation. For over 50 years, it has stayed at $10,000. If the threshold had been adjusted this whole time, it would currently be around $75,000—not $10,000. Not adjusting for inflation would be like not receiving a cost-of-living adjustment for your income; it means losing money each year.

Each year with inflation is another year that the government is granted further access to people's financial activity. In 2022 alone, the U.S. financial services industry filed around 26 million reports under the Bank Secrecy Act. Of those, 20.6 million were on transactions of $10,000 or more, with around 4.3 million filed for suspicious activity. However, the second-most-common reason for filing a SAR was for transactions close to the $10,000 threshold. It almost makes one wonder why Congress bothered with a threshold at all if you can be reported for crossing it and also reported for not crossing it.

While the public has been focusing on the prices of groceries and gasoline when it comes to inflation, the impact of inflation on expanding financial surveillance has largely gone unnoticed.

Much of the Process Is Confidential

With millions of reports being filed each year as both Congress and inflation continue to expand the Bank Secrecy Act regime, shouldn't members of the public at least know if they were reported to the government? For a little while, Congress seemed to think the process should operate that way.

Realizing the need to establish boundaries after the Supreme Court gave the green light to deputizing financial institutions as law enforcement investigators, Congress enacted the Right to Financial Privacy Act of 1978. The legislation mandated that individuals should be told if the government is looking into their finances. Not only did the law establish a notification process, but it also allowed individuals to challenge these requests.

So why don't we see complaints of invasive financial surveillance on the news?

Put simply, the Right to Financial Privacy Act doesn't live up to its name. Although it should result in some protections, Congress included 20 exceptions that let the government get around them. For example, the fourth exception applies to disclosures pursuant to federal statutes, including the reports required under the Bank Secrecy Act.

Making matters worse, the Annunzio-Wylie Anti–Money Laundering Act made filing SARs a confidential process. Both financial institution employees and the government are prohibited from notifying customers if a transaction leads to a SAR. And it's not just the contents of the reports that are confidential: Banks cannot even reveal the existence of a SAR.

With these laws, banks went from protecting the privacy of their depositors to being forced to protect the secrecy of government surveillance programs. It's the epitome of "privacy for me, but not for thee."

The frustration and harm this process causes might not be so secret. There are numerous news stories about banks closing accounts without any explanation. While many have blamed the banks for giving customers the silent treatment, they may be legally prohibited from disclosing that a SAR led to the closure.

As one customer described it, "I feel that I was treated unjustly and at least I deserve to get an explanation. I had no overdrafts, always paid my credit cards on time and I consider myself to be an honest person, the way they closed my accounts made me feel like a criminal." Another customer said, "Any time I asked about why [my account was closed] they said they were not allowed to discuss the matter."

The government claims this process should be kept secret so that it doesn't tip off criminals. Yet SARs are not evidence of a crime by default.

The exact details of the reports are confidential but some aggregate statistics are available. These suggest that the top three reasons for a bank to file a SAR include (1) suspicions concerning the source of funds, (2) transactions below $10,000, and (3) transactions with no apparent economic purpose. These are not smoking guns.

There are many reasons why a bank might close an account, including inactivity, violations of terms and conditions, frequent overdrafts, and internal restructuring. But when banks refuse to explain closures, it might just be because they are prohibited from doing so, further keeping the public in the dark about financial surveillance activities.

A Balancing Act

Many might still ask, "If these reports catch a couple of bad guys, aren't they all worth it?" This raises a fundamental societal question: To what extent are we OK with pervasive surveillance if it stops bad people doing bad things?

To answer this question, we should first recognize that the optimal crime rate is not zero. While a world without crime might seem preferable, the costs of achieving that can be prohibitively high. We can't burn down the entire world just to stop somebody from stealing a pack of gum. There is a percentage of crime that is going to exist—it's not ideal, but it is optimal.

Similarly, the cost of pervasive surveillance is also too high. Maintaining a balance of power by protecting people's privacy is essential for a free society. Surveillance can restrict freedoms, such as the freedom to have certain religious beliefs, support certain causes, partake in dissent, and hold powerful people accountable. We need to have financial privacy. We have too many examples where surveillance has gone wrong and allowed these freedoms to be squashed. We have to be careful about creeping surveillance that tilts the balance of power too far away from the individual.

Removing this huge financial surveillance system doesn't mean ending the fight against terror or crime. It means making sure that Fourth Amendment protections are still present in the modern digital era. It's not supposed to be easy to get this magic permission slip that lets you into everyone's homes. The Constitution was put in place to prevent such abuses—to restrict the powers of government and protect the people.

Breaking the Illusion of Financial Privacy

Over the past 50 years, the U.S. government has slowly built a sprawling system of unchecked financial surveillance. It's time to question whether this is the world we want to live in. Instead of having a regime that generates 26 million reports on Americans at a cost of over $46 billion in a given year, we should have a system that respects individual rights and only goes after criminals.

Yet, government officials seem to have another vision in mind. Through obscure legislative changes, inflationary expansions, and a process of confidentiality, financial privacy has been continuously eroded over time.

Changing this reality is an uphill battle, but it's one that's worth fighting. The first step is raising awareness about how far financial surveillance norms have shifted in just a few decades. Changes won't happen until we dispel the illusion of financial privacy.