New "gun store" code is for Suspicious Activity Reports

New "gun store" code is for Suspicious Activity Reports

There is a new "merchant category code" specifically for gun stores. While this story is being covered widely, most people don't understand the real implications. The "gun registry" angle isn't very concerning. The "suspicious activity" angle definitely is.

Yes, this new code will create a crude sort of gun registry to which the government will probably have easy access. But the government already has access to NICS background checks and FFL records, which are far more informative. So the gun registry implications aren't very meaningful. This new code is about something else.

This code allows Suspicious Activity Reports to be filed for gun transactions. Unlike most financial reporting, it is intended for predictive policing, much like red flag laws. As a bonus, it will probably choke off financial options for gun stores and their customers, much like the disgraced Operation Chokepoint. The gun community should be concerned about de-banking, and even more concerned about the filing of Suspicious Activity Reports with federal authorities.

Reason commented on this post a few months after it was published,
saying: "It didn't take long for advocates of the code to confirm that suspicion."

What is the new code?

Every merchant that accepts credit/debit cards is assigned a "merchant category code" (MCC) that describes what type of business it is. Historically, gun stores have been classified as "Sporting Goods Stores" (5941). That has always functioned perfectly fine. But in recent years, anti-gun advocates began claiming that gun stores need their own code.

Amalgamated Bank in New York describes itself as a "socially responsible" bank. It cites "anti-violence & gun safety" as one of its "issues we care about", and claims to be the "the only bank to demand ... red flag laws". In early 2022, Amalgamated Bank petitioned the International Standards Organization (ISO) to add a new merchant category code for gun stores. The petition was resisted, largely because they don't want to be perceived as taking a political stance:

Most credit card companies and banks have either fought the new code or been silent on the issue. For several years, Visa and Mastercard have opposed adding the code. Behind the scenes, some company officials favored the code, but they publicly rejected it out of fear of angering politicians who support gun rights.

Because of this resistance, the petition was rejected by ISO. However, Amalgamated Bank made a second attempt. This time, it rallied anti-gun politicians to its aid, including Warren and Dean. That did the trick. ISO acquiesced and approved the new code for gun stores.

Now that the new code exists, it's difficult to avoid. If you own a gun store, it is probably fraud to identify it as anything else. You should use the most appropriate code for your business. That's why various companies in the credit card industry have announced that because the code exists, it will be implemented. They are treating it as a procedural matter, even if there will be politics attached downstream.

What is the real motivation?

Apparently Amalgamanted Bank's petition for the new code said it was "necessary to identify credit risk." That is not plausible. Firearm transactions involve substantially less credit risk than average. It's hard to claim you don't owe money after a federally-licensed firearms dealer officially records that you received merchandise. So this isn't about credit risk.

It turns out this is about "detecting and reporting suspicious activity". Amalgamated Bank made a statement immediately after the code was approved:

This code is the key to creating new tools that all financial institutions must now use to begin detecting and reporting suspicious activity associated with gun trafficking and mass shootings to the Financial Crimes Enforcement Network, the government agency charged with safeguarding the financial system from illicit use.

Here's the background: "Under existing regulation financial institutions are required to file Suspicious Activity Reports (SARs), to raise red flags about money laundering, human trafficking, terrorist financing and other criminal activity." For example, your bank files a Suspicious Activity Report with your name for every day your cash activity exceeds $10k. Anti-gun advocates want to apply this same ambiguous approach toward preventing gun violence. Of course, they need legislation to make that happen.

What is the legislation?

Amalgamated Bank wasn't exaggerating when it said, "This code is the key". This code must exist for planned legislation to be viable. That's obvious when you read the legislation, which has already been introduced to Congress.

The Gun Violence Prevention Through Financial Intelligence Act was introduced to Congress in 2021 as HR 5764. It would gather information about how future criminals pay for guns:

FinCEN shall request information from financial institutions for the purpose of developing an advisory about the identification and reporting of suspicious activity relating to
(A) how homegrown violent extremists and perpetrators of domestic terrorism procure firearms and firearm accessories for the purpose of carrying out lone actor or lone wolf acts of terror within the United States; and
(B) the ways in which the firearms market in the United States is exploited to facilitate gun violence in the United States.

For clarity, FinCEN is the federal Financial Crimes Enforcement Network. This is the entity to which banks submit their Suspicious Activity Reports for money laundering, etc.

According to Everytown for Gun Safety, this legislation "would require the Financial Crimes Enforcement Network (FinCEN) to provide guidance to help U.S. banks identify and report suspicious financial activity that could potentially be related to a mass shooting or terrorist attack." Once that guidance has been provided to banks, they will be effectively obligated to begin filing "Suspicious Activity Reports" for transactions that meet the criteria for being "suspicious".

How broad will the "suspicious" criteria be? We don't know. But at any scope it will probably discourage banks from processing payments with the gun store code.

What will be done with a Suspicious Activity Report filed in relation to a gun purchase? We don't know. But it is inevitable that perfectly law-abiding Americans will have these reports filed against them.

Why is this legislation insidious?

To be fair, the proposed legislation might actually help identify some arms trafficking. Banks have better perspective than individual firearm dealers for identifying that crime. But advocates for this legislation don't often mention that aspect. Their statements focus much more on predicting "mass shooters" and "domestic terrorists". That focus on prediction is unusual.

Historically Suspicious Activity Reports have been filed when bankers believe a crime has already been committed. This new legislation expects bankers to predict the future – to guess the "purpose" of someone's purchases with nothing more than amounts, dates, and store names. Even if these were psychologists and not bankers, nobody can predict the future – certainly not with such scant information. Ammoland is right to call this reporting requirement a "fishing expedition".

If banks are asked to report firearm purchases, many will likely refuse the liability. Specifically, they would refuse to process card payments associated with the gun store code. Yes, these banks will disappoint some of their customers, who will face "card declined" errors in stores and online. But the cost of that disappointment may be perceived as less than the cost of compliance – and the risk of being sued for mistakes.

Financial implications aside, there are the law enforcement implications. When a bank reports someone's gun purchases as suspicious, what is the federal government supposed to do with that information? Presumably pass it along to local law enforcement. And what are local cops going to do when the federal government tells them a local citizen has just made suspicious gun purchases? Hopefully they will act reasonably, but let's face it - this is a recipe for serious trouble.

How can you avoid the new code?

Online forums are buzzing with people looking for workarounds to this new merchant code. They don't want to get de-banked or added to a gun registry. Unfortunately there is a lot of bad advice being offered.

For example, while cash and cryptocurrency might work for in-person transactions, they completely expose you to scams online.

Also, is not a solution to this problem, in spite of being frequently recommended in the forums. is effectively a brand of Community Financial Credit Union. It is beholden to the same requirements as any other bank. It would be required to monitor "gun store" transactions and file Suspicious Activity Reports under your name. Or instead, it may choose to decline "gun store" transactions altogether. Regardless, it's not a workaround.

These are the viable options for avoiding the new code:

  1. Buying in person? Pay cash or cryptocurrency. You can also pay by prepaid debit card, if the card issuer does not decline gun store transactions.
  2. Buying online? Pay by GunTab. You can pay by card, because GunTab is not classified under the new code. Or you can pay by bank account, because ACH transactions don't use merchant category codes in the first place.  Try it now.


Supporters of this legislation are saying things like, "we should do whatever we can to prevent gun violence." That might seem like a nice sentiment, but it's not. "We should stop at nothing" is an extremist viewpoint by definition. We don't need extremists right now, we need people who are willing to engage with differing viewpoints to find common ground. And there is definitely common ground.

Nobody wants mass shootings, domestic terrorism, or arms trafficking. So let's find ways to cooperate against those crimes. For example, family members, educators, and social workers are often aware that someone is a threat before they commit an act of violence. What can we do with the information they have, as members of their community? Can't we agree they have far more information than banks will ever have? Do we really need to go on this antagonistic fishing expedition for financial data, when there are much better and less divisive sources of information available?

Enough with the anti-gun extremism. Let's not ask banks to report our neighbors for ambigous "suspicious activity." Instead, let's cooperate on useful solutions.