USA Patriot Act Anti-Money Laundering Programs
March 21, 2002
On October 26, 2001, barely a month and a half after the attacks of September 11th, President Bush signed into law the USA PATRIOT Act (the “Patriot Act”), a comprehensive bill to combat terrorism. One key element of the Patriot Act, Section 352, amended the anti-money laundering provisions of the Bank Secrecy Act. Previously, the Secretary of the Treasury had the discretion to decide which financial institutions were required to implement anti-money laundering programs. The Patriot Act removes that discretion and simply states that “each financial institution shall establish anti-money laundering programs.” Now all financial institutions covered by the Bank Secrecy Act must put into place an anti-money laundering program. The effective date for compliance with the Patriot Act’s anti-money laundering requirements is April 24, 2002.
Which Financial Institutions are Covered Under the Patriot Act
As amended by the Patriot Act, the Bank Secrecy Act defines the term “financial institution” to include a wide variety of businesses that could be used for money laundering activities, including among many other institutions, banks and trust companies, securities and commodities brokers and dealers, commodity trading, advisors and commodity pool operators, insurance companies, automobile dealers, persons involved in real estate closings and settlements, travel agents and investment companies. Although the term “investment companies” is not defined, under the Bank Secrecy Act, the Secretary of Treasury has broad powers to include through regulation any businesses comparable to those defined as “financial institutions.” In recent testimony before the House Financial Subcommittee, a Treasury official indicated that the Treasury was moving “aggressively” to include financial institutions that previously were not subject to the Bank Secrecy Act requirements. This broad approach taken by Treasury suggests that hedge funds and investment managers should implement the anti-money laundering program rather than risk of running afoul of any forthcoming regulations. [1] Investment managers who are registered as commodity trading advisors or commodity pool operators must do so as they are specifically included among the financial institutions covered by Section 321 of the Patriot Act.
The Anti-Money Laundering Program
To conform to the Patriot Act, a financial institution must implement anti-money laundering programs, which include, at a minimum:
(a) the development of internal policies, procedures, and controls (e.g., to determine what is unusual or suspicious activity and what steps to take once an unusual activity is identified);
(b) the designation of a compliance officer;
(c) an ongoing employee training program; and
(d) an independent audit function to test the programs.
The Patriot Act authorized the Treasury to prescribe minimum standards for these anti-money laundering programs by the effective date of these programs, i.e., by April 24, 2002, and exempt from the application of those standards any financial institution not subject to the implementing regulations under the Bank Secrecy Act, such as investment companies and futures commission merchants. The Treasury has yet to promulgate these regulations and the scope of any such exemption is unknown at present. The National Association of Securities Dealers (“NASD”) has proposed rules for its members (i.e., broker-dealers), to comply with the Patriot Act standards and the Securities Industry Association (“SIA”) Anti-Money Laundering Committee has produced a report, “Preliminary Guidance for Deterring Money Laundering Activity” for its members. [2] These sources offer numerous suggestions that hedge funds and investment managers can use to implement anti-money laundering programs.
Internal Policies, Procedures, and Controls to Deter Money Laundering
The legislative history of the Patriot Act indicates that Congress did not intend that every firm implement the exact same policies, procedures and controls. Clearly, each firm’s anti-money laundering programs need to be tailored to the firm’s size, location, business activities, and its risks and vulnerabilities to money laundering. However, any anti-money laundering program must have the primary goal of implementing policies and procedures to allow employees to detect and report suspicious transactions that may involve money laundering. “Know your customer” is clearly at the heart of any successful anti-money laundering program.
Some of the transactions that anti-money laundering programs should identify as suspicious include transactions in cash or cash equivalents over $10,000, deposits of funds or bearer bonds with an immediate request to transfer the money without an apparent business reason, and numerous transaction in amounts just below the government’s reporting requirements. Employees should also be suspicious of accounts that make frequent wire transfers to or from countries known for bank secrecy or from countries that do not cooperate with international anti-money laundering efforts. [3] A sudden flurry of wire transactions in one account after a period of inactivity could also be a sign of money laundering.
Employees should also be alert for customers who hesitate to reveal the nature of their business, who do not appear to have sufficient knowledge about their line of business, or appear to be representing a third party of unknown identity. By October 26, 2002, Treasury Regulations setting minimum standards for customer identification will be effective for all financial institutions. It will be necessary for all financial institutions to monitor the promulgation of these regulations. Customers who wish to engage in transactions that do not make good business sense or who attempt to avoid normal documentation requirements or exhibit a complete lack of concern regarding the risks, commissions, or other transaction costs may also be involved in money laundering activities. Among other red flags are missing Social Security numbers, an inability to speak English, and the use of foreign visas as identification. It is important to verify information, such as matching Social Security numbers with names and telephone numbers for everyone associated with a particular account. It goes without saying that employees should always be on alert for customers who make large deposits in currency or cash equivalents.
Investment managers and hedge fund general partners who use intermediaries (such as funds of funds, fund administrators, placement agents and solicitors) should also develop policies and procedures to detect suspicious activities by intermediaries. First and foremost, a firm should determine if the intermediaries have their own anti-money laundering programs and whether they are implementing those programs. The firm should closely investigate intermediaries who have not had substantial past dealings with the firm, who do not have a reputable history in the investment business, or who are not registered financial institutions. One clear indicator of the need for extra due diligence is an intermediary that is from a country or territory known for offshore banking, for bank secrecy, or as a non-cooperative country.
Besides implementing policies and procedures to detect suspicious activities by customers or intermediaries, many financial institutions will be required to implement procedures to report suspicious activities to the Treasury’s enforcement agency, FinCEN. [4]At present, the Bank Secrecy Act’s suspicious activity report (SAR) filing requirements are only being expanded to include brokers and dealers. The report to Congress referenced in Footnote [1], will address the expansion of SAR reporting to hedge funds and other investment companies. It may then be expanded to include futures commission merchants, commodity trading advisors and commodity pool operators. In any event, all reports of suspicious activities need to be reviewed to determine what action should be taken. Among possible steps to take are rejection of investments, refusal to provide services and reporting suspicious activity to the government. At times it may be necessary to consult with outside counsel to make this determination. In the case of offshore funds, procedures should be designed to conform to the requirements of local law. The assistance of local counsel is advised. Finally, there should be a centralized procedure to gather and keep records of any reported suspicious activity.
Anti-Money Laundering Compliance Officer
The Patriot Act requires all financial institutions to designate a Compliance Officer. Depending on the size of the firm, anti-money laundering compliance could be accomplished by an officer who has other responsibilities, by an officer whose sole responsibility is compliance, or even by a small department headed by the Compliance Officer. The Compliance Officer’s main responsibility is to review the firm’s policies, procedures and controls to assure that they meet the minimum standards set by the Treasury and to make sure that the procedures are being effectively implemented. In addition, the officer should review reports of suspicious activities, keep records of those activities, and direct an ongoing training program.
Ongoing Training Program
An effective training program must first identify the employees who will implement the anti-money laundering procedures during their day-to-day activities. These employees then need to be informed about the policies and trained in the procedures. In larger firms, the training should be adapted to the needs of different departments.
Anti-money laundering training should also be part of the training and orientation of new employees. Finally, the program must include a regular review of the employees’ knowledge and regular updates on changes in procedure. Again, depending on the size of the firm, the program could be enacted informally on a one-to-one basis by the Compliance Officer or through regularly scheduled training sessions. The firm’s anti-money laundering policies and procedures should be available in print for the employees to review and the firm should keep a record of its training efforts.
Independent Audit Function
The Patriot Act mandates that each firm put in place an independent audit function of its anti-money laundering policies, procedures and controls. The purpose of the audit is to make sure that the areas of the firm which have primary responsibility to detect money laundering are in compliance with the program and procedures. The audit function should also be designed to evaluate the effectiveness of firm’s anti-money laundering programs and to ensure that proper documentation of the programs is kept. To maintain the independence of the audit function, those involved in the auditing should come from areas of the firm that do not have key roles in the anti-money laundering programs or they should come from an external source, possibly from a firm’s auditors.
Other Provisions
Under the Patriot Act financial institutions are prohibited from providing correspondent accounts to foreign shell banks—banks with no physical location. The Treasury’s rule proposal includes a provision requiring institutions to take steps to ensure that correspondence accounts to foreign banks are not being used to provide services to foreign shell banks indirectly. This provision is unlikely, however, materially to affect financial institutions other than banking institutions.
Conclusion
Since the horrific events of September 11, 2001, the United States has fought the war against terrorism on many fronts. The Patriot Act fights on the financial front. Without laundered funds, terrorist organizations would be severely limited in their scope of action. By implementing a comprehensive anti-money laundering program that sets out clear policies, procedures and controls and that includes a Compliance Officer, an ongoing training program, and an independent audit function, financial institutions are expected to make a significant contribution to limiting terrorist activities.
[1] Section 356 of the Patriot Act requires the Treasury, the Board of Governors of the Federal Reserve System (FRB) and the Securities and Exchange Commission (SEC) to submit a report to Congress within one year on recommendations for regulations to apply Bank Secrecy Act requirements to investment companies (and investment advisors). For that purpose, the Patriot Act specifically includes private investment companies (i.e., Section 3(c)(1) and Section 3(c)(7) funds) in the definition of investment companies.
The same section authorizes the FRB and the SEC to recommend that Treasury promulgate regulations to require any corporation or business or other grantor trust that has 5 or fewer equity owners to disclose its beneficial owners when opening accounts or initiating funds transfers at any domestic financial institution. If promulgated, any such regulations will require expansion of most existing hedge fund subscription documents.
[2] NASD’s proposed rules can be found in the Federal Register, Vol. 67, No. 37, Monday, February 25, 2002. SIA’s guidance can be found at its website: http://www.sia.com/moneyLaundering/ pdf/AML_Guidance_Final.pdf
[3] A list of non-cooperating countries and territories can be found on the Financial Action Task Force on Money Laundering (“FATF”) website at http://www.oecd.org/fatf/NCCT_en.htm. This list currently includes Israel, Russia, Ukraine, Egypt, Phillippines, Indonesia, Hungary, Nigeria, Lebanon, Guatemala, Cook Islands, Dominica, Grenada, Marshall Islands, Myanmar, Nauru, Niue, St. Kitts and Nevis, and St. Vincent and the Grenadines.
[4] FinCEN’s website (http://www.ustreas.gov/fincen/) contains information on the process of reporting suspicious activities to the government.
For additional information on this topic, you may contact Howard A. Neuman or Carol Spawn Desmond.