U.S. gets tough on terror with Patriot Act: database tool will be a boon to integrators.The U.S. government uses financial monitoring as a J heavy weapon in its war against drug money and organized crime. Regulated under the Bank Secrecy Act The Bank Secrecy Act of 1970 (or BSA, or otherwise known as the Currency and Foreign Transactions Reporting Act) requires U.S.A. financial institutions to assist U.S. government agencies to detect and prevent money laundering. (BSA 1. BSA - Business Software Alliance. 2. BSA - Bidouilleurs Sans Argent. ), the government requires domestic banks to track certain customer activities and to report large cash transactions to the Department of the Treasury. But in response to September 11, the government has expanded federal requirements to include many more financial institutions and to identify a much broader range of suspicious transactions related to terrorist funding. The new act is called "Providing Appropriate Tools Required to Intercept and Obstruct ob·struct v. To block or close a body passage so as to hinder or interrupt a flow. ob·struc  tive adj. Terrorism"--aka the Patriot Act Patriot Act: see USA PATRIOT Act. .The Patriot act, which expands the still-in-effect BSA, shifts financial institutions from a transactional focus to a view focused on suspicious customer activities. The government refuses to define "suspicious," but does list a broad range of reportable data. This data is not only based on transactions, but also on customer monitoring-- relationships, activities, transactions targets, and where they do business. This is one tall order. Patriot Act Background President Bush signed the Patriot Act into law on October 26, 2001. The act alms to frustrate and punish terrorist acts in the U.S. and around the world by enhancing law enforcement investigatory tools. The investigations center around tracking money flows and patterns to suspect companies and between suspicious individuals. It requires financial institutions and related companies to track such items as the identity and address of customers and participants in a suspect transaction, the legal capacity in which participants are acting, the identity of the fund's owner, and clues as to why the money is being moved. (The act also forbids banks from doing business with shell banks, which are institutions located in areas with no regulation or weak regulation, or that have dubious banking status.) The act covers a broad range of financial institutions, with more to come. Bob Breton, senior director of product strategy for Sybase eBusiness Division commented, "The major change is that the definition now applies not just to banks, but has grown dramatically. Essentially any business involved in a financial transaction has been labeled as a financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. company." The act broadly defines financial institutions (FIs) as domestic banks and U.S.-based branches of foreign banks, mutual funds, credit-card companies such as Visa and Mastercard, wire-transfer businesses such as Western Union, check cashiers, securities brokers and dealers, and futures/commodities traders. Within a year that list may expand to include such businesses as dealers in precious metals Precious Metals Valuable metals such as gold, iridium, palladium, platinum, and silver. Notes: Investing in precious metals can be done either by purchasing the physical asset, or by purchasing futures contracts for the particular metal. , stones, or jewels, pawnbrokers, loan or finance companies, private bankers, insurance companies, travel agencies, telegraph companies, dealers in automobiles, airplanes, and boats, real-estate dealers, hedge funds, commodity-trading advisers and ve nture capital firms. The act's primary requirements are: * File Suspicious Activity Reports A Suspicious Activity Report (or SAR) is a report regarding suspicious or potentially suspicious activity, filed with the Financial Crimes Enforcement Network (FinCEN), an agency of the United States Department of the Treasury. (SARs): Building on BSA requirements, FIs must report transactions greater than $10,000. This includes aggregate transactions totaling more than $10,000 over a short period of time, or among a related group of customers. The institutions file SARs with the Treasury Department's FinCEN (Financial Central), which liaisons between law enforcement and financial services. * Designate a special compliance officer and train employees to detect money laundering The process of taking the proceeds of criminal activity and making them appear legal. Laundering allows criminals to transform illegally obtained gain into seemingly legitimate funds. : Many domestic banks will already have BSA compliance officer and trained staff. But the Patriot Act brings many new financial businesses into the fold, and also expands the original BSA requirements. Even experienced BSA compliance officers must retrain re·train tr. & intr.v. re·trained, re·train·ing, re·trains To train or undergo training again. re·train , and staff must be more sensitive than ever to even mildly suspicious activity. * Conduct independent audits of compliance readiness: Affected FIs must show independent evidence of their compliance within the act's tight timeframes--the initial deadline is October 2002. This affects more than 6,000 of them, with secondary institutions looking to 2003. The government is not kidding: failure to comply can lead to heavy civil and criminal penalties, including fines up to $1,000,000 per unreported transaction. * Establish policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental to identify risks and minimize abuse: This is a systematic attempt to not keep from harassing innocent customers or abusing investigative requirements. Although FIs are required to report many transactions, no one wants to sic the FBI on their best (innocent) customers. Technical Issues Financial institutions handle millions of transactions a day throughout the world. A straightforward pattern-matching algorithm might be enough to catalog transaction following strict parameters, but the Patriot act goes much further. It requires FIs to monitor trends within the enterprise, and to know their customers and their habitual activity across all departments and locations. The only way large financial companies can comply with this requirement is by using sophisticated knowledge management tools working across a variety of databases, applications, and platforms. The tools must yield both real-time customer views and sensitive alerts and historical tracking for unusual activity. According to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Breton, Sybase identified several major challenges for financial institutions to comply with the act: * Reduce the cost of managing compliance: Companies need to be able to monitor government suspect lists and review business transactions, and need automated tools to help determine anomalous activities. The most important list to monitor is the U.S. Treasury's Specially Designated Nationals (SDN SDN Sun Developer Network (Sun Microsystems) SDN SAP Developer Network SDN SOF (Special Operations Forces) Deployable Node SDN Sociale Databank Nederland (Dutch) ) list. The Office of Foreign Asset Control (OFAC OFAC Office of Foreign Assets Control (US Treasury) OFAC Ontario Farm Animal Council (Canada) OFAC Olmsted Falls Airport Committee OFAC Organic Fertilizer Association of California ) maintains and frequently updates the list. For example, a foreign bank was on the SDN because the government suspected it channeled funds to Libya. After an investigation that proved the bank was innocent, OFAC removed the entry. It is the financial institution's responsibility to proactively monitor the ever-changing SDN. * Filter reportable data: The act covers a wide variety of reportable data. One of the major requirements includes every transaction over $10,000, including aggregates and related transactions. For example, the same customer may make several smaller transactions over five days that together total over $10,000. Or several related customers (for example, socially or business related) may make several transactions on the same day totaling more than $10,000. This kind of investigatory level needs trending tools with filtering and data mining features. * Provide a platform to reach a conclusion: Different departments may know a customer in different ways: wire transfer may have one view, deposit another, and brokerage another. All departments need a common compliance management system that allows different departments to track activities throughout this process and maintain complete audits of resulting actions. The system must also be extremely secure to protect customer identities. According to Walter Lee There have been two notable people named Walter Lee.
Rules-based systems use sets of rules to identify suspect activity. Based on filtering technology that matches customer data, the systems identify transactions that benefit banned or restricted individuals, businesses or countries. The filtering further allows the FI to freeze the prohibited assets at the point of transaction. Artificial intelligence (AI) systems use statistical modeling techniques to evaluate the possibility that a transaction represents money laundering. These systems usually compare current transactions against customer and account history profiles. If there are resulting anomalies, the systems assign degrees of difference. The greater the anomaly, the likelier the evidence of money laundering or other suspicious activity. Artificial intelligence/adaptive learning systems combine Al and ongoing learning to evaluate potential money laundering. Sybase, for example, used its existing technology to develop an enterprise integration application directly to Patriot Act requirements. It already had a major presence in the finance industry, and had recently acquired New Era of Networks. New Era of Networks specialized in enterprise application integration products and services in the application-to-application (A2A A2A Access to Archives (UK) A2A Application to Application A2A Air-To-Air (weapon) A2A Administration-to-Administration A2A Any to Any ) space. (A2A products connect disparate software within the same enterprise.) Sybase integrated the A2A infrastructure and their own enterprise database applications, producing the Patriot Compliance product. Patriot Compliance uses datamining and rules-based procedures to uncover activity patterns related to the Patriot Act. Patriot Compliance tools are not a huge profit center for domestic bank customers, since most already spent the 1990s installing massive CRM (Customer Relationship Management) An integrated information system that is used to plan, schedule and control the presales and postsales activities in an organization. systems from vendors such as Siebel, PeopleSoft, Oracle, and Sybase. These huge integration projects allow domestic banks to implement Patriot Act regulations without large additional expenditures. Wells Fargo Wells Fargo armored carriers of bullion. [Am. Hist.: Brewer Dictionary, 1147] See : Protectiveness Wells Fargo company that handled express service to western states; often robbed. [Am. Hist. Bank, for example, has had a comprehensive money-laundering tracking system in place for years. For non-banks, however, the challenge is greater. Mutual funds and securities brokers, credit-card companies, wire transfer businesses and futures traders may not have the same reliance on CRM and integrated systems that banks already do. Only 20% of securities firms already had money-laundering protections in place before September 11, most large companies like Prudential, Merrill Lynch Merrill Lynch & Co., Inc. (NYSE: MER TYO: 8675 ), through its subsidiaries and affiliates, provides capital markets services, investment banking and advisory services, wealth management, asset management, insurance, banking and related products and services on a global basis. and Morgan Stanley  To comply with Wikipedia's , the introduction of this article needs a complete rewrite. . These firms primarily need intelligent access
to suspicious customer databases such as Treasury's SDN list. For
example, a dozen Wall Street firms are reportedly crea ting ting n. A single light metallic sound, as of a small bell. intr.v. tinged , ting·ing, tings To give forth a light metallic sound. a company that will offer a customer database to the financial services industry. Goldman Sachs The Goldman Sachs Group, Inc., or simply Goldman Sachs (NYSE: GS) is one of the world's largest global investment banks. Goldman Sachs was founded in 1869, and is headquartered in the Lower Manhattan area of New York City at 85 Broad Street. was primarily responsible for creating The Regulatory DataCorp Int'l LLC (Logical Link Control) See "LANs" under data link protocol. LLC - Logical Link Control . Other Wall Streeters like Merrill Lynch, Citigroup, and UBS UBS Union Bank of Switzerland UBS United Bible Societies UBS United Blood Services UBS United Buying Service UBS Used Bookstore UBS University Business Services UBS Universal Building Society (UK) UBS Ulaanbaatar Broadcasting System PaineWebber provide financial support. Regulatory DataCorp will compile information from public resources such as law enforcement records, and then sells database access to other FIs for customer screening. However, fully 80% of securities firms--most of them small houses--must scramble to observe Patriot Act regulations. Putting in anti-money laundering Anti-money laundering ("AML") is a term mainly used in the financial and legal industries to describe the legal controls that require financial institutions and other regulated entities to prevent or report money laundering activities. (AML AML - A Manufacturing Language ) infrastructures will be costly and time consuming, since firms must integrate their separate CRM applications, data warehouses and transactional systems into central databases. This is not all bad news: unified infrastructures have advantages beyond AML, and an automated, straight-through processing straight-through processing The direct exchange of cash and securities. Straight-through processing is a major objective for cross-border transactions that are generally much more costly to settle compared to domestic transactions. model can ultimately benefit securities firms. But the $1 million plus project cost is extremely challenging, with a good deal of the profit going to consulting firms and system integrators.
Patriot Compliance System Architecture:
User Interface Fed and FinCEN reporting, internal email
searches, phone record searches, SAR
management, reporting, web search
Common Services Single sign-on, security, messaging
services, search services, web services
Compliance Wire transfer, ACH, check, intra-bank,
switches, FIX (Transactional) CIF,
employee (File scan)
Administration Source automation, screening automation,
OFAC messaging, FinCEN messaging,
history management, exception,
generation, alert generation, report
generation
www.sybase.com www.hnc.com |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion