The U.S.A. Patriot Act, enacted following the terrorist acts of Sept. 11, requires firms to establish programs to combat money laundering and the financing of terrorist activity. But that's not been an easy task for many firms.
"The rules implementing the Patriot Act have come out in pieces," notes Court Golumbic, director of Anti-Money Laundering for The Bear Stearns Companies. "As each piece comes out, every member of the industry has had to scramble to build upon existing programs, or put programs in place to comply with the rules."
While some firms have chosen to prevent money laundering manually, most firms, especially larger ones, have implemented homegrown or third-party transaction-monitoring systems.
Technology can help a firm flag transactions that stray from a customer's typical patterns, explains Luigi Licari, vice president of AML Compliance at ABN Amro, which recently opted for a global AML solution from Fairfax, Va.-based Mantas. In addition, the technology can use either predetermined or firm-customized rules to flag risky behaviors, such as transferring a large amount of money to an offshore high-risk jurisdiction.
Though many firms have already chosen the manual or technological procedures they will implement to track transactions, the Patriot Act has implications past an initial investment. The addition of Section 326 to the act in October added the onus of establishing a Customer Identification Program at every financial institution. It requires verification and documentation of customers who open new accounts, as well as an obligation to check those names against suspected terrorist lists.
Golumbic says most firms already had some level of know-your-customer procedures in place, but the conditions were vague. "Most firms on the Street have invested significantly in augmenting their customer-ID processes and procedures," he explains. "The more databases you access to screen client information, the more that's going to cost."
Firms are also required to submit Suspicious Activity Reports listing suspect transactions, which are sent to the Department of Treasury's Financial Crimes Enforcement Network (FinCEN).
The workload of this requirement varies, says Golumbic, and each firm has taken its own approach. There is no quota on SARs, he says, so "what constitutes a suspicious transaction or activity can depend on the nature of the client and the type of the business that client ordinarily engages in."
In addition, Section 314a of the act says that a firm must be prepared to allow FinCEN, a network of government agencies bound to fight money laundering, to search its records if the agency suspects the firm is linked to a suspicious transaction.
The interpretation of some of the legislation has been disputable, Licari points out. For example, when Section 314a was first released in 2002, he says the firm received an overwhelming amount of requests for information. However, he says, "then [FinCEN] pulled back on it, and reimplemented it in a more logical manner. The Patriot Act is a learning tool at this point."
The jury is also out on the challenges globalization presents, as each country has its own AML regulations. "The interest is in creating something that complies with the law in all jurisdictions, that achieves the highest degree of effective compliance, while at the same time minimizing the potential for regulatory arbitrage," he says. "It's a tremendous challenge."