Don Vangel (212) 773-2129, [email protected], is director of Bank Regulatory Advisory Services. Al James, (202) 327-7666, [email protected], is a principal in Litigation Advisory Services. Both serve in Ernst & Young's Anti-Money Laundering Practice.
The provisions in the Patriot Act pertaining to money laundering will have a profound impact on nearly every financial institution in the U.S.
The financial dimension of the war against terrorism escalated dramatically in late October when President Bush signed into law the USA Patriot Act. This groundbreaking legislation, which followed an earlier Executive Order and U.N. Security Council Resolution regarding the freezing of suspected terrorist assets and related efforts to combat terrorism, provides law enforcement and regulatory officials with sweeping new powers to combat global terrorism and money laundering.
The section of the new law that addresses money-laundering activity is entitled "The International Money Laundering Abatement and Anti-Terrorist Financing Act of 2001." Its provisions will have a far-reaching impact on nearly every type of financial services institution operating in the United States, including banks, broker-dealers, registered and unregistered investment companies, money service bureaus, and life insurers (see chart A, page 12). The new law:
Outside the U.S., efforts to combat money laundering are also being strengthened. The United Kingdom recently formally implemented an aggressive new anti-money laundering system. And in late October, the Financial Action Task Force (FATF), the anti-laundering arm of the Organization for Economic Cooperation and Development (OECD), announced special measures aimed at combating terrorist financing. Among the recommendations are that all countries criminalize the financing of terrorism, freeze and confiscate terrorist assets, and ensure that nonprofit organizations cannot be misused to finance terrorism. These measures apply to the 29 member countries of the OECD and provide a benchmark for other nations to follow.
In addition, the FATF has added several new names to its list of so-called Non-Cooperative Countries and Territories (NCCTs), bringing the total to 19. It also has indicated its intention to take as-yet-unspecified further measures against those NCCTs that, in its view, have not taken the remedial steps needed to bring their AML regimes up to standard.
Developing AML Compliance Programs
Banking organizations operating in the U.S. already have AML compliance programs in place, as required by prior regulations implementing the Bank Secrecy Act of 1970 and related legislation. However, in light of the passage of the Patriot Act, these programs will need to be revisited, and in most cases updated and strengthened. The need to develop AML programs as required by the new law will be a particular challenge for many securities broker-dealers, asset managers, insurance companies, and a host of other financial institutions that have not previously been held to bank-like AML standards.
To comply, AML programs must include four key elements: policies, procedures, and controls designed to prevent the institution from being used to launder money; a designated AML compliance officer; an ongoing employee-training program; and an independent audit function to periodically test program integrity. Further, the U.S. Treasury Department is expected to issue regulations establishing minimum standards for these elements. While bank AML programs have long been expected to contain these elements under applicable regulations, the new statutory provisions will extend bank-like requirements to a much broader range of financial institutions.
Enhanced Due Diligence Requirements
Among the key provisions of the Act for the traditional banking sector are its due diligence requirements (see sidebar 1: "Stepping Up Due Diligence"). Enhanced due diligence and know-your-customer requirements, and the monitoring of transactions based on that client knowledge, are central components of the new law. Moreover, financial institutions will be required in certain cases to know their customer's customer, which not long ago was considered unfeasible.
The Treasury Department has been directed to issue regulations that set minimum customer identification standards when new accounts are opened, and to ensure that financial institutions keep records of the transactions, participants, and "beneficial owners" of the funds involved. In addition, institutions will need to obtain, and be in a position to share, information on the beneficial owners of accounts maintained in the U.S. by a foreign person or such person's representative, as well as customer information on correspondent accounts maintained by banks in the U.S. for foreign financial institutions.
The Treasury is also required to define by regulation the equivalent of "correspondent account" for securities broker-dealers. Accordingly, the correspondent "banking" rules will eventually extend to nonbanks. Draft regulations published by Treasury for comment take an expansive view of what constitutes a "correspondent account" at a securities broker-dealer. The draft includes any account held by a foreign bank at a broker-dealer for trading or investing in securities, a foreign exchange, over-the-counter derivatives, and futures (where the broker-dealer is also a futures commission merchant).
Since September 11, financial services institutions have been actively cross-checking their account and customer lists against names that appear on law enforcement lists of suspected terrorists and money launderers and for accounts that must be frozen under the Executive Order and the directives of the Treasury's Office of Foreign Assets Control. The challenge is made more difficult because of identity theft, the use of multiple aliases by terrorists and money launderers, names that are transliterated and thus spelled in multiple ways, and the availability of only partial names in some cases.