310 likes | 526 Views
INT421 – Overview of the USA PATRIOT Act. John Berley Principal Systems Consultant John.Berley@sybase.com. Aisha El-Zorba Senior Product Manager Aisha.El-Zorba@sybase.com. Agenda. The USA PATROT Act & Its Impact Sybase PATRIOTcompliance Solution Strategy* Solution Demonstration
E N D
INT421 – Overview of the USA PATRIOT Act John BerleyPrincipal Systems ConsultantJohn.Berley@sybase.com Aisha El-ZorbaSenior Product ManagerAisha.El-Zorba@sybase.com
Agenda • The USA PATROT Act & Its Impact • Sybase PATRIOTcompliance Solution Strategy* • Solution Demonstration • Solution Architecture • Compliance Assessment Guide • Q&A *Appendix – USA PATRIOT Act, Title III, Sections. 313, 326 & 352 (with the FATF 40 Recommendations referenced) and Sec. 314
USA PATRIOT Act & Its Impact • On October 26, 2001, the President signed into law H.R. 3162, the USA PATRIOT Act containing strong measures to prevent, detect, and prosecute terrorism and international money laundering. • Broadly stated the Act requires financial institutions to know their customers, and, to the extent possible, their customers’ – customers • On February 26, 2002 the Treasury issued additional rules governing the sharing of information directly related to terrorist financing or money laundering activities among regulators, enforcement agencies and financial institutions through the Financial Crimes Enforcement Network (FinCEN).Re-introduced as of February 2003.
USA PATRIOT Act & Its Impact • Total companies impacted in the US – 200,000 • Total financials institutions (DFIs, SFs, Insurance and Finance, among others & their providers) who must be compliant today– over 30,000 • Estimated technology expenditures by FIs through 2005 – $1 billion+
The USA PATRIOT Act & Its Impact Compliance is not optional Penalties Under the Act include, among others: • Regulatory • Fines, and supervisory/examination fees • Supervisory Letters/Cease and Desist Orders • Civil • Minimum of $10,000/day for failure to terminate an account relationship terminated • Up to $1,000,000/ transaction for failure to comply with the various provisions under the Act • Criminal • Depending upon the severity of the infraction officers and directors are subject to personal fines and incarceration
The Shoe Is Dropping… • Spring 2002 • Sovereign Bank fined for violations - $750,000 • Summer 2002 • Great Eastern Bank: Assets - $56M; Rev.: $250K; Fined: $100K – 40% of their revenue, $50K due in 5 days and $50K due 30 March • Throughout the year • multiple supervisory letters & cease and desist orders
Western Union Fined Over Money Transfers Fri December 20, 2002 12:34 PM ET By Greg Cresci NEW YORK (Reuters) - New York bank regulators fined money transfer giant Western Union Financial Services Inc. $8 million for violating laws meant to guard against terrorist financing and money laundering, officials said on Friday. The penalty represents the largest-ever fine against a money transfer company by New York regulators and comes after last year's enactment of the USA Patriot Act -- a broad law that requires financial companies to beef up their oversight of customer activity. Now the Shoe Is Dropping…Hard $8,000,000
Now the Shoe Is Dropping…Harder Business - AP Banco Popular to Pay $21.6 Million Fine Thu Jan 16, 7:07 PM ET By MARCY GORDON, AP Business Writer WASHINGTON - Puerto Rico's largest bank will pay $21.6 million but avoid criminal prosecution for allegedly allowing millions in drug money to laundered by failing to report suspicious activity to the government, Federal authorities said Thursday. Deposits to accounts in Banco Popular often came in paper bags or gym bags stuffed with small bills, the Justice Department (news – web sites) and other federal agencies said. Under its agreement with the government, the bank admitted to violations of federal anti-money-laundering rules that require banks to notify authorities of suspicious transactions. The bank, based in San Juan, has a year to pay the $21.6 million and show that it is continuing to comply with the rules. Otherwise, it will face possible criminal prosecution. $21.6 Million
It's All About Risk & Its Management The increasing complexity of “Know Your Customer”, AML & AT regulations, combined with the increased penalties for non-compliance, make manual processes a high risk proposition for financial institutions. • Relationship Risk • Reputational Risk • Regulatory Risk • Operational/Transactional Risk • Insurance Premiums for D&O and Liability
Broad Coverage • Transactions • Wire Transfer/ SWIFT • ACH • Check • Intra-bank/ company • Switches • FIX/Securities • ACORD • File Scans • CIF • Employee/ Agent/Broker • As Needed • New Account/ Policies • Info Updates • SAR Reports • Messaging Solution Goal: An Automated Approach • Satisfy Requirements and Spirit of the Act • Provide a Total Solution • Automate Searches • Automate Notification • Simplify Reporting • Simplify User Functions • Maintain Staff Access to Policies, Procedures, Regulations., Forms, etc. • Maintain Historical Audit Trails . . . Proof of compliance - in a secure, scalable, and easy to use environment.
PATRIOTcompliance Solution Architecture Overview Investigation System Front& Back-end Systems • Knowledge • Management • Policies • Procedures • Forms • Online Training
PATRIOTcompliance Solution A solution specific to the PATRIOT ACT • Access and keeps current suspect lists • Scans transactions for suspects • Scans CIF and employee files for suspects • Supports the CIP requirements and foreign bank certifications • Generates alerts when unusual activity is detected • Generates Suspicious Activity Reports (SARs) • Maintains history and audit trails • Allows the launching independent investigations simplifying compliance with the “120-hour” investigation requirement and other requests • Allows your institution to participate in information sharing with FinCEN and other Financial Institutions
OFAC SDN* Secured** Company List Other FI Suspect List Automation Automatic Access and Updates • List sources monitored • If change – download • Stored as change only • Stored as complete list Internet Compliance Engine Historical Repository *OFAC SDN = FinCEN, FATF, OFSI and others ** Suspect Information Bulletin (FBI Control), RCMP and others
File Scans Transactions Compliance Filtering Complete OFAC SDN Secured Company List* Rules Historical Repository Compliance Filtering • Monetary & Account Maintenance Transactions as they occur: • Completeness • Lists • AML • CIF and Employee Scans • Accounts/Policies Scans • Updates Results stored with audit trail *Internal Watch List, Cleared List and Excluded List
File Scans Transactions Compliance Filtering Complete OFAC SDN Secured Rules Company lists Historical Repository MATCH Alert Wireless E-Mail Other Suspect Match • Transaction details captured • Alerts activated • Console Alert • Email • Wireless • Other
Case Management • Intuitive, easy to use • Electronic case generation • Automatic notification and collaboration • Workflow management • Electronic attachments • Audit trails of every time a fie is opened or action taken • Integrated Suspicious Activity Report (SARs)
Technology Overview TightLink BPI Suite EP
Assessment Guide Comprehensive set of question to: • Assess your current compliance position • Determine any gaps in compliance that may exist • Evaluate areas of special concern of risk • Review current operating infrastructure • Analyze and compare various option for automation Available for download via the web at www.sybase.com/patriot under download analyst reports section
Options for Automation Compliance Software (BSA, OFAC) Business Intelligence USA PATRIOT Act Solution Risk Management & Fraud Detection Funds Transfer Vendors / Other
Capabilities Ease of integration Implementation and maintenance requirements Scalability Cost effectiveness Regulator’s opinion Factors to Consider - Product
Company viability Ability to take on new business Business knowledge Track record “Fit” with your business & technology strategies Factors to Consider - Vendor
Appendix • Section 326 – Verification of Identification of Customers(FATF - The Forty Recommendations; Section C, Customer Identification and Record-keeping Rules: Recs. 10 – 13) • Section 352 – Anti-Money Laundering Program(FATF - The Forty Recommendations; Section C, Increased Diligence of Financial Institutions: Recs. 14 – 19, with particular emphasis on 19) • Section 313 – Correspondent Accounts(FATF - The Forty Recommendations; Section C, “Measures to Cope with Problem Countries . . .” : Recs. 20 – 21, with particular emphasis on 19) • Section 314 – Supporting 314(a) and (b)
Section 326 – Verification of Identification of Customers • The Treasury Department and the federal bank regulators are required to issue regulations that specify minimum requirements for identifying persons opening accounts at financial institutions. • CIP and Customer Verification Requirements and Support - the Solution can be extended to the account set-up and maintenance processes, and consolidates and maintains information for the four requirements: • Documentary Evidence (electronic docs, images, hyper-links, etc.) • Negative Verification (list reviews) • Positive Verification (access to e-funds and other validation sources) • Logical Verification (rules – a basic set)
Section 352 – Anti-Money Laundering Program • Every financial institution must develop an anti-money laundering program within 180 days after enactment. Treasury is authorized to establish minimum standards for such programs. • Anti-Money Laundering Support– There are four requirements under this section, the last three of which the Solution supports: • Appointment of an individual who has the authority for compliance on an enterprise basis • Implementation of policies, procedures and systems that meet the compliance requirements • Compliance must be auditable • Training of staff that have responsibilities within the enterprise that fall under the Act
Section 313 – Correspondent Banking Accounts • U.S. financial institutions are prohibited from maintaining correspondent accounts with foreign shell banks, which are banks with no physical presence in any country. This requirement became effective December 25, 2001. Treasury issued guidelines to clarify how financial institutions are to determine which entities are foreign shell banks, including a certification form that institutions may use to ensure that their respondents are not foreign shell banks. • Foreign Bank Certifications – The Solution supports Certification and Re-certification through the Investigation Case Management Systems by allowing institutions to create an electronic file with the certification attached and set a trigger for when re-certification must occur.