Commissioner Hester Peirce’s latest speech questions the scale and logic of SAR and CTR mandates, challenging the Bank Secrecy Act’s fit for the digital age.
In a rare departure from regulatory orthodoxy, Securities and Exchange Commission (SEC) Commissioner Hester M. Peirce has called for a rethink of the US financial surveillance regime, questioning whether the current compliance-heavy framework has outgrown its constitutional foundations.
Speaking at the Science of Blockchain Conference at UC Berkeley on August 4, Peirce argued that the Bank Secrecy Act (BSA) and associated surveillance mechanisms impose a disproportionate burden on institutions while failing to deliver demonstrable public benefit.
“The sledgehammer has become the tool of choice for monitoring for financial crimes,” she said, adding that while institutions can encrypt customer data, “the customer nonetheless has no expectation of privacy in the encrypted data under the third-party doctrine,” she said.
Peirce’s speech comes amid a broader review of BSA/AML regulations within the US Treasury Department, which earlier this year postponed the implementation of a new anti-money laundering rule for investment advisers.

Treasury Deputy Secretary Michael Faulkender recently stated that reforms must aim for “the optimal fulcrum for balancing the somewhat opposing forces of costs and benefits.”
Peirce went further, invoking constitutional principles to challenge the third-party doctrine that allows law enforcement to access customer data without a warrant once it is held by a financial institution. She called attention to the volume of Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs) filed (over 25 million in FY2024) and questioned their utility, noting:
“Encouraging financial institutions to ‘see red in every flag and file unnecessary SARs . . . imposes extra costs on firms, and adds unhelpful clutter to the reporting data, making it less useful in the end.”
This culture of over-reporting, she said, has been driven by enforcement dynamics rather than actual risk, creating inefficiencies and penalising firms for conservative assessments.
Peirce’s remarks also placed scrutiny on the Consolidated Audit Trail (CAT), a centralised data-gathering system designed to track every equities and options trade in the US markets.
She and Commissioner Mark Uyeda previously described CAT as “a tool one would expect to find in a dystopian surveillance state.”
Peirce contrasted such systems with the potential of privacy-preserving technologies like zero-knowledge proofs and decentralized financial infrastructure to deliver services without compromising civil liberties. While acknowledging their misuse by bad actors, she warned against constraining legitimate innovation:
“We should not ask peers transacting with one another, where no intermediary exists, to collect and report information on each other. Doing so would deputize us to surveil our neighbors—a practice antithetical to a free society.”
Her remarks align with growing calls for a modernisation of financial privacy laws. Critics argue that the legacy of the BSA, enacted in 1970 and last substantively updated post‑9/11, is out of step with today’s digital and decentralised financial systems.
By framing privacy as a constitutional right rather than a regulatory challenge, Peirce’s speech signals a potential shift in the regulatory conversation. While no policy change has been proposed by the SEC, the remarks mark a notable challenge to a consensus that has long favoured surveillance over discretion.