NOVEMBER 2005 Anti-Money Laundering Department of Treasury Requires Insurance Companies to Establish Anti-Money Laundering Programs and to Report Suspicious Transactions On Thursday, November 3, the Department of the Treasury’s (“Treasury”) Financial Crimes Enforcement Network (“FinCEN”) published in the Federal Register final rules requiring insurance companies to implement an anti-money laundering program (“AML Program”) and to report suspicious transactions (together, the “Final Rules”), originally proposed in 2002 (the “Proposed Rules”). The compliance date for the Final Rules is May 2, 2006. These Final Rules are codified at 31 CFR §103.137 and §103.16, respectively. A copy of the implementing releases for the Final Rules may be found at http://www.access.gpo.gov/su_docs/fedreg/a051103c.html. Separately, FinCEN proposed and is seeking comment on a new Form SAR-IC, the suspicious transaction reporting form for insurance companies. A copy of the proposal may be found at www.fincen.gov. WHO IS COVERED UNDER THE FINAL RULES Insurance companies issuing or underwriting “covered products” are subject to the Final Rules. In general, the term “covered product” means: (i) a permanent life insurance policy, other than a group life insurance policy; (ii) any annuity contract, other than a group annuity contract; and (iii) any other insurance product with features of cash value or investment.1 The AML Program requirement applies only to “covered products” offered by an insurance company; an insurance company offering a variety of insurance products in addition to “covered products” need not adopt a company-wide AML Program applicable to these other insurance products. 1 Agents and Brokers The Final Rules apply only to the insurance company and not to its agents or brokers. Nevertheless, because insurance agents and brokers are in direct contact with customers, the Final Rules require each insurance company’s AML Program to “integrat[e] the company’s insurance agents and insurance brokers into its [AML Program].” In addition, the Final Rules require independent testing that “include[s] testing to determine compliance of the company’s insurance agents and insurance brokers with their obligations under the [AML Program].” Implicit in the Final Rules, as described in the FinCEN adopting release, is that an insurance company obtain all relevant customer-related information either from its agents and brokers or from other relevant sources. More importantly, the Final Rules require procedures for obtaining customer-related information from an insurance company’s agents and brokers in connection with suspicious transaction reporting, discussed below. Moreover, the adopting release states that “some elements of the compliance program will be best performed by these agents, in which case it is permissible for an insurance company to make appropriate arrangements with an agent to perform those aspects of its [AML Program].” FinCen further states in the adopting release that any insurance company that does so, however, remains responsible for the effectiveness of the program, as well as for ensuring that the appropriate examiners have access to information Under the Proposed Rules, “the issuing, underwriting, or reinsuring of a life insurance policy, an annuity contract, or any product with investment or cash value features would have caused an insurance company to fall within the scope of the rule.” FinCEN indicated it did not include in the Final Rules reinsurance or retrocession contracts or treaties, group life insurance, group annuities, or term life insurance policies, because these pose little or no risk of being used for money laundering. Kirkpatrick & Lockhart Nicholson Graham LLP and records relating to the AML Program and are able to inspect the agent or the third party for purposes of the program. AML Program Requirements In many but not all respects, the insurance company AML Program requirements are consistent with existing AML Program requirements for other financial institutions, under the Bank Secrecy Act of 1970, as amended (the “BSA”). Insurance company AML Programs must be reasonably designed to prevent the insurance company from being used to facilitate money laundering or the financing of terrorist activities. The AML Program must be in writing and must be approved by senior management of the insurance company. The AML Program must incorporate policies, procedures, and internal controls based on the insurance company’s assessment of the money laundering and terrorist financing risks associated with its “covered products.” When assessing risks associated with particular distribution channels for its “covered products,” an insurance company should consider, among other things, whether its agents or brokers are required to have their own AML Program.2 The AML Program’s policies, procedures, and internal controls must be reasonably designed to ensure compliance with applicable BSA regulations. In the adopting release, FinCEN represented that the only BSA regulatory requirement currently applicable to insurance companies is the obligation to report on IRS/FinCEN Form 8300 the receipt of cash and certain non-cash instruments totaling more than $10,000 in one transaction or in two or more related transactions. If and when insurance companies become subject to additional BSA requirements (e.g., the suspicious transaction reporting requirement), their AML Programs will need to be updated accordingly. An insurance company must designate a compliance officer (which could also be a committee) to be responsible for administering the AML Program. The role of the compliance officer is to ensure that the AML Program is effectively implemented and updated as necessary, and that “appropriate persons” are trained concerning their responsibilities under the AML Program. Such training can be conducted through external or in-house seminars, and could include computer-based training. As discussed above, an insurance company also must provide for the training of its insurance agents and brokers concerning their responsibilities under the company’s AML Program. Finally, an insurance company must provide for independent testing of its AML Program on a periodic basis to ensure it complies with the requirements of the Final Rules and that the AML Program functions as designed. The scope and frequency of the testing must be commensurate with the risks posed by the insurance company’s “covered products.” Insurance Companies Registered with the Securities and Exchange Commission as Broker-Dealers An insurance company that is registered or required to be registered with the Securities and Exchange Commission as a broker-dealer shall be deemed to have satisfied the requirements of the Final Rules to the extent that the company has already established an AML Program including the activities covered by the Final Rules. SUSPICIOUS TRANSACTION REPORTING Under the Final Rules, an insurance company offering “covered products” is required to report3 certain suspicious transactions, where “either the premium or maximum potential payout” meets a threshold amount of $5,000.4 A transaction (or pattern of transactions) “conducted or attempted by, at, or through an insurance company” and meeting this threshold amount would need to be reported if the company “knows, suspects, or has reason to suspect” the transaction either: (i) involves funds derived from illegal activity or is intended or conducted to hide or disguise funds or assets derived from illegal activity; (ii) is designed, whether through structuring or other means, to evade the requirements of the BSA; (iii) has no business or apparent lawful purpose, and the insurance company knows of no reasonable explanation for the transaction after examining the available facts; or (iv) involves the use of the insurance company to facilitate criminal activity. Agents and Brokers Insurance companies are also responsible for reporting suspicious transactions conducted through their agents and brokers. The insurance company must have proce- 2 For example, to the extent an agent or broker is also a registered representative of a broker-dealer, the broker-dealer is required under pre-existing rules to have its own AML Program. See 31 CFR 103.120. See also NASD Rule 3011. 3 The form of report to be used is the proposed Form SAR-IC, discussed below. 4 The obligation to identify or report suspicious transactions under the Final Rules applies only to an insurance company and not its agents or brokers, although they may separately be obligated under the broker-dealer rules. 2 NOVEMBER 2005 KIRKPATRICK & LOCKHART NICHOLSON GRAHAM LLP dures in place reasonably designed to obtain customerrelated information from its agents and brokers necessary to detect suspicious transactions, and is responsible for reporting suspicious transactions based on such information.5 Where an insurance agent or broker has its own, separate obligation to report suspicious transactions under another BSA regulation, the filing of a joint SAR-IC is permissible. Red Flags Determinations as to whether a report should be filed must be based on all the facts and circumstances relating to the transaction and the customer. Different fact patterns will require different judgments. According to the adopting release, “red flags” in this context include, but are not limited to, the following: ■ the purchase of an insurance product that appears to be inconsistent with a customer’s needs; ■ any unusual method of payment, particularly by cash or cash equivalents (when such method is, in fact, unusual); ■ the purchase of an insurance product with monetary instruments in structured amounts; ■ the early termination of an insurance product, especially at a cost to the customer, or where cash was tendered and/or the refund check is directed to an apparently unrelated third party; ■ the transfer of the benefit of an insurance product to an apparently unrelated third party; ■ little or no concern by a customer for the investment performance of an insurance product, but much concern about the early termination features of the product; ■ ■ the reluctance by a customer to provide identifying information when purchasing an insurance product, or the provision of minimal or seemingly fictitious information;6 and the borrowing of the maximum amount available soon after purchasing the product. The Final Rules have clarified that an insurance company is not required to report instances of suspected insurance fraud unless the company has reason to believe that the false or fraudulent submission of information relates to money laundering or terrorist financing. SAR-IC Filing Procedures Within 30 days after an insurance company becomes aware of a reportable suspicious transaction, the company must report the transaction by completing a SAR-IC and filing it with FinCEN. Supporting documentation relating to each SAR-IC is to be collected and maintained separately by the insurance company and made available to appropriate law enforcement and supervisory agencies upon request. It should be noted that insurance companies filing SAR-ICs are prohibited from making any disclosures of SAR-ICs or the information therein, except to appropriate law enforcement and supervisory agencies. Insurance companies must maintain copies of SARICs and the original or business record equivalent of any supporting documentation for a period of five years from the date of filing. Compliance Dates and Examination for Compliance The compliance date for the Final Rules is May 2, 2006. FinCEN or its delegee will examine insurance companies for compliance with these regulations. Failure to comply with these regulations may violate the BSA and the Final Rules. The SAR-IC requirements apply to transactions entered into after May 2, 2006. Pending final adoption of the SAR-IC, insurance companies may use the existing SAR-SF. Diane E. Ambler dambler@klng.com 202.778.9886 András P. Teleki ateleki@klng.com 202.778.9477 Michell G. Fishman mfishman@klng.com 202.778.9215 5 The adopting release indicated that the insurance company “may need to amend existing agreements with its agents and brokers to insure that the company receives necessary customer information.” 6 The Final Rules do not include reference to Customer Identification Programs for insurance companies, which are required to be included in AML Programs for broker-dealers and certain other financial institutions. 3 NOVEMBER 2005 KIRKPATRICK & LOCKHART NICHOLSON GRAHAM LLP If you have questions or would like more information about K&LNG’s Anti-Money Laundering Practice, please contact one of our lawyers listed below: BOSTON PITTSBURGH Michael S. Caccese 617.261.3133 mcaccese@klng.com Mark A. Rush Stanley V. Ragalevsky 617.261.9203 sragalevsky@klng.com HARRISBURG Raymond P. Pepe 412.355.8333 mrush@klng.com SAN FRANCISCO Jonathan D. Jaffe David Mishel 717.231.5988 rpepe@klng.com LONDON Richard A. Hardwick +44.20.7360.8125 rhardwich@klng.com John D. Magnin +44.20.7360.8168 jmagnin@klng.com LOS ANGELES William J. Bernfeld David P. Schack William P. Wade 310.552.5014 wbernfeld@klng.com 310.552.5061 dschack@klng.com 310.552.5071 wwade@klng.com MIAMI Daniel B. Casey 305.539.3324 dcasey@klng.com NEWARK Anthony P. La Rocco 973.848.4014 alarocco@klng.com NEW YORK Beth R. Kramer Richard D. Marshall 212.536.4024 bkramer@klng.com 212.536.3941 rmarshall@klng.com 415.249.1023 jjaffe@klng.com 415.249.1015 dmishel@klng.com WASHINGTON, DC Diane E. Ambler 202.778.9886 Melanie Brody 202.778.9203 Michell G. Fishman 202.778.9215 Kathy Kresch Ingber 202.778.9015 Henry L. Judy 202.778.9032 Rebecca H. Laird 202.778.9038 Charles R. Mills 202.778.9096 Michael J. Missal 202.778.9302 Laurence E. Platt 202.778.9034 Jeffrey B. Ritter 202.778.9396 Francine J. Rosenberger 202.778.9187 Robert H. Rosenblum 202.778.9464 Ira L. Tannenbaum 202.778.9350 András P. Teleki 202.778.9477 Richard L. Thornburgh 202.778.9080 Robert A. Wittie 202.778.9066 dambler@klng.com mbrody@klng.com mfishman@klng.com kingber@klng.com hjudy@klng.com rlaird@klng.com cmills@klng.com mmissal@klng.com lplatt@klng.com jritter@klng.com francine.rosenberger@klng.com rrosenblum@klng.com itannenbaum@klng.com ateleki@klng.com rthornburgh@klng.com rwittie@klng.com www.klng.com BOSTON ■ DALLAS ■ HARRISBURG ■ LONDON ■ LOS ANGELES ■ MIAMI ■ NEWARK ■ NEW YORK ■ PALO ALTO ■ PITTSBURGH ■ SAN FRANCISCO ■ WASHINGTON Kirkpatrick & Lockhart Nicholson Graham (K&LNG) has approximately 1,000 lawyers and represents entrepreneurs, growth and middle market companies, capital markets participants, and leading FORTUNE 100 and FTSE 100 global corporations nationally and internationally. K&LNG is a combination of two limited liability partnerships, each named Kirkpatrick & Lockhart Nicholson Graham LLP, one qualified in Delaware, U.S.A. and practicing from offices in Boston, Dallas, Harrisburg, Los Angeles, Miami, Newark, New York, Palo Alto, Pittsburgh, San Francisco and Washington and one incorporated in England practicing from the London office. This publication/newsletter is for informational purposes and does not contain or convey legal advice. The information herein should not be used or relied upon in regard to any particular facts or circumstances without first consulting a lawyer. Data Protection Act 1988—We may contact you from time to time with information on Kirkpatrick & Lockhart Nicholson Graham LLP seminars and with our regular newsletters, which may be of interest to you. We will not provide your details to any third parties. Please e-mail cgregory@klng.com if you would prefer not to receive this information. © 2005 KIRKPATRICK & LOCKHART NICHOLSON GRAHAM LLP. ALL RIGHTS RESERVED.