1 / 27

Webcast Series 2009 featuring . . . Operational Considerations on Regulatory Issues

Webcast Series 2009 featuring . . . Operational Considerations on Regulatory Issues December 8, 2009. Welcome Introduction. Craig Hollis Vice President and AML Officer. Meeting Logistics. Keep Webcast to 60 minutes Ask a question

bebe
Download Presentation

Webcast Series 2009 featuring . . . Operational Considerations on Regulatory Issues

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Webcast Series 2009 featuring . . . Operational Considerations on Regulatory Issues December 8, 2009

  2. Welcome Introduction Craig Hollis Vice President and AML Officer

  3. Meeting Logistics • Keep Webcast to 60 minutes • Ask a question • Click on the Q&A window in the lower right hand portion of the screen • Type your question into the dialog box • Click the Send button • Following today’s Webcast • Redirected to a brief survey • Link via email to access a recording of today’s Webcast • If you experience any technical difficulties during the presentation • Submit a question through the Q&A • Contact WebEx Technical Support at 1 (866) 229-3239

  4. Jeff Cook Director of Regulatory Compliance DST Systems Joan Dowd Chief Compliance Officer Boston Financial Data Services Agenda Privacy Massachusetts Data Protection Law FTC Identify Theft Prevention (Red Flags Rule) Data Masking Summary Prospectus International ACH Transactions (“IAT”) New California Law: State Backup Withholding

  5. Massachusetts Data Protection Law Massachusetts Office of Consumer Affairs and Business Regulation Adopt Standards – September 2008 Original Law Exceeded Authority – Rigid Standards Multiple Public and Private Hearings Two Significant Revisions – August 2009 Final Regulation Issued – October 30, 2009 Compliance Date Extended to March 1, 2010 Background

  6. Massachusetts Data Protection Law Compliance Date Extended to March 1, 2010 • Have a written information security program adhering to promulgated standards • Comply with specified system security requirements • Take “reasonable steps” to ensure third party service provider compliance Requirements For those maintaining or storing “personal information” of Massachusetts Residents:

  7. Massachusetts Data Protection Law • Listened and responded to industry concerns • Built more flexibility into the rules • Still requires each business to have a comprehensive information security program but can now be tailored to the following: • Size, scope, and type of business • Available resources • Amount of stored data • Need for security and confidentiality of consumers and employee information • Must take reasonable steps to ensure their third party providers protect shareholder information, but written certification is no longer required Revisions to the Law …

  8. Massachusetts Data Protection Law • Compared the revised MA law with our Security Program • Periodically review our program to ensure compliance with regulations • Annual training and awareness regarding information security • Enhanced due diligence of third party providers/vendors • Daily monitoring • Use multi-factor authentication to provide information for phone inquiries • Encrypt e-mail and secure FTP for file transmission • Provide clients an overview of internal security policies Our Support Structure

  9. FTC Red Flags Rule Enforcement Date Extended to June 1, 2010 • Develop and implement a written Identity Theft Prevention Program • Designed to detect, prevent, and mitigate identity theft • One definition of financial institution is one that has “transaction accounts” • An account from which the account owner can direct payments to third parties • Check-writing; debit cards; wires to third parties • Written or telephone instructions directing money to third parties (or to bank accounts not on file) Requirements

  10. FTC Red Flags Rule Our Support Structure • Initial program provided in 2008; subsequent updates added • Placed program on Boston Financial Compliance Corner or issued directly to clients • Provide certification as part of our quarterly 38a-1 statement • A file that contains SSN/TIN discrepancies from the CIP verification process to run against the IRS TIN Match Program • A new report that contains only address discrepancies is being created with a procedural workflow to review and analyze for fraud, identity theft is in development Two Future Program Enhancements

  11. Data Masking DST Online Masking Projects • DST TA2000 3270, Desktop, SmartDesk, Vision, and FANWeb screens have been identified and provided to RCAG Steering Committee for review • Reports – FANWeb, Vision, Voice, and DST reports have been identified and masking is ongoing Our Support Structure • SSNs have been removed from transcripts, confirmation statements, and new account welcome kits • Fund, Account and SSN have been removed from correspondence • Encourage not returning original documents to shareholders as these may contain personal information • Validate reports and screens during testing phase

  12. Tax Form Masking IRS Notice 2009-93 Requirements • Creates a pilot program allowing the masking of SSNs • For tax years 2009 and 2010 on paper payee statements only • IRS approval is not needed • The notice is effective immediately; masking is voluntary • Applies to paper payee statements (not electronic statements) • Only applies to Form 1098 series, Form 1099 series, and Form 5498 series. Form W-2 is not included • Does not apply to any information return filed with the IRS • Applies to tax forms to individuals only (SSN format only) • Does not apply to accounts registered as entities (those with EIN format of 99-9999999) - paper payee statements for these accounts must include full TIN

  13. IRS Notice 2009-93 • Substitute and composite/combined payee statements are in scope • The identifying number must be truncated by replacing the first five digits of the nine-digit number with asterisks or Xs • For example, a social security number 123-45-6789 would appear on the paper payee statement as ***-**-6789 or XXX-XX-6789) • Entire social security number for individuals and/or tax identification number for entities are still required on files sent to IRS • The Notice is available at http://www.irs.gov/pub/irs-drop/n-09-93.pdf. The IRS is accepting comments until May 1, 2010, with regard to the current notice and go forward strategy Requirements

  14. IRS Notice 2009-93 Our Support Structure • We will work to have the TA2000 programming ready for systematic masking the SSNs for tax year 2010 • Distinguishing and separating the masking for SSN and EIN formats is necessary • Interfering with the YE platform at this late date is not recommended • Working with DST Output for a 2009 masking solution that will not involve changes to the YE platform

  15. Summary Prospectus

  16. Summary Prospectus • 3/31/2009: SEC Effective Date (optional) • 1/01/2010: Mandatory Filing • Three or four-page, “plain English” summary • Updated annually • Can be sent in lieu of statutory prospectus • Must be incorporated into the statutory prospectus • Must have Internet availability of compliance materials • Summary Prospectus, statutory prospectus, SAI, and shareholder reports • Must send statutory prospectus if requested Requirements

  17. International ACH Transactions (“IAT”)

  18. International ACH Transactions (“IAT”) Effective Date: September 18, 2009 Background What is IAT? • A new ACH transaction type, International ACH Transaction or “IAT” • This new payment code and record layout will be used to identify an ACH credit or debit that is part of a payment transaction that involves a financial agency's office that is not located within the territorial jurisdiction of the US • It allows for the identification and facilitation of IAT transactions • It enables financial institutions to comply with OFAC obligations regarding international transactions • The territorial jurisdiction of United States includes all 50 states, U.S. territories, U.S. Military bases and U.S. embassies in foreign countries

  19. International ACH Transactions (“IAT”) Our Support Structure Incoming IATs - project complete • Worked with Banks that have an interface with DST • DST receives ACH file from bank that contains the new code and new record layout • DST created a report that is executed daily that contains ACH transactions with IAT code and transaction information • Operations receives the report and scans information against the OFAC database • If there is not an OFAC hit, transaction is processed same day • If there is an OFAC match the transaction is not processed and operations contact the originating bank • Worked with banks who do not have an interface with DST • Reviewed the bank reports to identify any IAT transactions • Process follows that noted above

  20. International ACH Transactions (“IAT”) Our Support Structure Outgoing IATs - project underway • All outgoing ACH transactions are run against the OFAC database • A report that identifies outgoing systematic ACH transactions for accounts with foreign addresses is printed daily • Currently DST is developing a systematic solution to include the IAT code and transaction information • Boston Financial/DST are retaining reports until the process is automated • If destination bank contacts Boston Financial/DST, transaction information will be provided

  21. International ACH Transactions (“IAT”) Systematic Solution for Outgoing IAT • Flag outbound ACHs as IAT for all accounts with a foreign address based on country code • Update the ACH layout with the new IAT layout • Provide a front-end method for users to flag the account as IAT when setting up a new ACH • Project was rated as highest priority by RCAG Steering Committee

  22. New California Law State Backup Withholding

  23. New California Law:State Backup Withholding • Signed into law on July 28, 2009 • Effective Date: January 1, 2010 • There is a 7% state backup withholding for California residents on transactions that are subject to federal backup withholding (28%) • Exclusions include: • Those accounts or transactions not subject to federal backup withholding • Money Market Funds – (not subject to withholding) • Interest and dividend payments or release of loans • Accounts with uncertified or missing TINs, and B-Notices, California backup withholding will apply to redemption and long-term capital gains only • Accounts with C-Notices, California backup withholding applies only to long-term capital gains Requirements

  24. New California LawState Backup Withholding • We will continue the analysis of the Bill and work to begin identifying potential impacts to determine necessary long-term system changes • Analyzing possible solutions • Efforts involved in taking the withholding automatically on applicable payments, remitting withholding, and reporting to California residents • Due to the short time-frame, a full systematic process will not be available on January 1, 2010 • DST programming is developing a short-term solution that will involve minimal manual effort until the long-term systematic solution is available Our Support Structure

  25. Questions Craig Hollis Vice President, AML Officer, Boston Financial

  26. Thank You

More Related