Your World of Legal Intelligence
 United States | 1-800-335-6202

Currency and foreign transactions; financial reporting and recordkeeping requirements: USA PATRIOT Act; implementation— Insurance companies; anti-money laundering programs,

As Enacted ( Federal Register) Cited authorities 9 Cited in Related
Vincent

[Federal Register: November 3, 2005 (Volume 70, Number 212)]

[Rules and Regulations]

[Page 66754-66761]

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

[DOCID:fr03no05-4]

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA70

Financial Crimes Enforcement Network; Amendment to the Bank Secrecy Act Regulations--Anti-Money Laundering Programs for Insurance Companies

AGENCY: Financial Crimes Enforcement Network, Treasury.

ACTION: Final rule.

SUMMARY: The Financial Crimes Enforcement Network is issuing this final rule to prescribe minimum standards applicable to insurance companies pursuant to the provision in the Bank Secrecy Act that requires financial institutions to establish anti-money laundering programs and to define the companies and insurance products that are subject to that requirement.

DATES: Effective Date: December 5, 2005.

Applicability Date: May 2, 2006. See 31 CFR 103.137(b) of the final rule contained in this document.

FOR FURTHER INFORMATION CONTACT: Financial Crimes Enforcement Network, Regulatory Policy and Programs Division on (202) 354-6400 (not a toll- free number).

SUPPLEMENTARY INFORMATION:

  1. Background

    1. Statutory Provisions

      The Bank Secrecy Act, Public Law 91-508, as amended, codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-14, 5316-5332, authorizes the Secretary of the Treasury to issue regulations requiring financial institutions to keep records and file reports that are determined to have a high degree of usefulness in criminal, tax, and regulatory matters, or in the conduct of intelligence or counter- intelligence activities, including analysis, to protect against international terrorism, and to implement anti-money laundering programs and compliance procedures.\1\ Regulations implementing Title II of the Bank Secrecy Act appear at 31 CFR Part 103. The authority of the Secretary to administer the Bank Secrecy Act has been delegated to the Director of the Financial Crimes Enforcement Network.

      \1\ Language expanding the scope of the Bank Secrecy Act to intelligence or counter-intelligence activities, including analysis, to protect against international terrorism was added by section 358 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the USA PATRIOT Act), Public Law 107-56.

      On October 26, 2001, the President signed into law the USA PATRIOT Act. Section 352 of the USA PATRIOT Act, which became effective on April 24, 2002, amended 31 U.S.C. 5318(h) to require anti-money laundering programs for all financial institutions defined in 31 U.S.C. 5312(a)(2). At a minimum, the anti-money laundering programs are required to include:

      (A) The development of internal policies, procedures, and controls; (B) the designation of a compliance officer; (C) an ongoing employee training program; and (D) an independent audit function to test programs. 31 U.S.C. 5318(h)(1).

      Section 352(c) of the USA PATRIOT Act directs the Secretary to prescribe regulations for anti-money laundering programs that are ``commensurate with the size, location, and activities'' of the financial institutions to which such regulations apply. Section 5318(h)(2) permits the Secretary to exempt from this anti-money laundering program requirement those financial institutions not currently subject to the Financial Crimes Enforcement Network's regulations implementing the Bank Secrecy Act. Section 5318(a)(6) further provides that the Secretary may exempt any financial institution from any Bank Secrecy Act requirement. Taken together, these provisions authorize the issuance of anti-money laundering program regulations that may differ with respect to certain kinds of financial institutions, and that may exempt certain financial institutions from the requirements of section 5318(h)(1).

      Although insurance companies have long been defined as financial institutions under the Bank Secrecy Act (see 31 U.S.C. 5312(a)(2)(M)), we, prior to the notice of proposed rulemaking preceding this final rule,\2\ had neither defined ``insurance companies'' for purposes of the Bank Secrecy Act nor issued regulations regarding insurance companies. In April 2002, we deferred the anti-money laundering program requirement contained in 31 U.S.C. 5318(h) that would have applied to the insurance industry.\3\ The deferral

      [[Page 66755]]

      allowed us time to study the insurance industry and to consider how anti-money laundering controls could best be applied to that industry, considering differences in size, location, and services within the industry.

      \2\ See 67 FR 60625 (Sept. 26, 2002).

      \3\ See 31 CFR 103.170, as codified by interim final rule published at 67 FR 21110 (Apr. 29, 2002), as amended at 67 FR 67547 (Nov. 6, 2002) and corrected at 67 FR 68935 (Nov. 14, 2002).

      Published elsewhere in a separate part of the Federal Register is a final rule requiring insurance companies to file Suspicious Activity Reports. That final rule applies to the same universe of insurance companies and covered products as this final rule.\4\

      \4\ The limited definition of insurance company for purposes of this rule, as well as the final rule requiring insurance companies to file Suspicious Activity Reports, is not intended to limit the kinds of financial institutions that may voluntarily report suspicious activity under the protection of the safe harbor from liability contained in 31 U.S.C. 5318(g)(3).

    2. Insurance Company Regulation and Money Laundering

      The statutory mandate that all financial institutions establish anti-money laundering programs is a key element in the national effort to prevent and detect money laundering and the financing of terrorism. The mandate recognizes that financial institutions other than depository institutions, which have long been subject to Bank Secrecy Act requirements, are also vulnerable to money laundering.

      The application of anti-money laundering measures to non-depository institutions generally, and to insurance companies in particular, also has been emphasized by the international regulatory community as a key element in combating money laundering. One of the central recommendations of the Financial Action Task Force,\5\ of which the United States is a member, is that financial institutions, including insurance companies, establish anti-money laundering programs. See Financial Action Task Force Forty Recommendations (Recommendation 15 and Glossary).

      \5\ The Financial Action Task Force is an inter-governmental body whose purpose is the development and promotion of policies to combat money laundering. Originally created by the G-7 nations, its membership now includes Argentina, Australia, Austria, Belgium, Brazil, Canada, Denmark, Finland, France, Germany, Greece, Hong Kong, Iceland, Ireland, Italy, Japan, Luxembourg, Mexico, the Kingdom of the Netherlands, New Zealand, Norway, Portugal, Russia, Singapore, South Africa, Spain, Sweden, Switzerland, Turkey, the United Kingdom, and the United States, as well as the European Commission and the Gulf Cooperation Council.

      This final rule applies only to insurance companies offering covered products, as defined in the rule. Insurance companies offer a variety of products aimed at transferring the financial risk of a certain event, from the insured to the insurer. These products include life insurance policies, annuity contracts, property and casualty insurance policies, and health insurance policies. These products are offered through a number of different distribution channels. Some insurance companies sell their products through direct marketing in which the insurance company sells a policy directly to the insured. Other companies employ agents, who may either be captive or independent. Captive agents generally represent only one insurer or one group of affiliated insurance companies; independent agents may represent a variety of insurance carriers. A customer also may employ a broker (i.e., a person who searches the marketplace for insurance in the interest of the customer) to obtain insurance.

      This final rule focuses on those covered insurance products possessing features that make them susceptible to being used for money laundering or the financing of terrorism. For example, life insurance policies that have a cash surrender value are potential money laundering vehicles. Cash value can be redeemed by a money launderer or can be used as a source of further investment of tainted funds'for example, by taking out loans against such cash value. Similarly, annuity contracts also pose a money laundering risk because they allow a money launderer to exchange illicit funds for an immediate or deferred income stream or to purchase a deferred annuity and obtain clean funds upon redemption.\6\ These risks do not exist to the same degree in term life insurance products, group life insurance products, group annuities, or in insurance products offered by property and casualty insurers or by title or health insurers.

      \6\ For an example of money laundering involving the fraudulent conversion of money in an insurance premium trust account, see U.S. v. Boscarino, Aulenta, and Mangurten, No. 02 CR 0086 (N.D. Ill. ED 2002) (Superseding Indictment).

      The international community has focused on life insurance policies and those insurance products with investment features as the appropriate subjects of anti-money laundering programs for insurance companies. In defining the kinds of insurance companies that should establish anti-money laundering programs, the Financial Action Task Force Forty Recommendations focuses on those businesses involved in the ``[u]nderwriting and placement of life insurance and other investment related insurance.'' See Glossary and Recommendation 15.

      A 2002 federal grand jury indictment illustrates the money laundering risks associated with insurance products and the corresponding need for vigilance in the insurance industry.\7\ That indictment charged five Colombian nationals with conspiring to launder millions of dollars originating from the illicit sale of cocaine. The scheme involved the purchase and subsequent redemption of life insurance policies.

      \7\ United States of America v. Rodrigo Jose Murillo, Alexander Murillo, Jaime Eduardo Rey Albornoz, Arturo Delgado, and Esperanza Romero, Mag. Docket No. 02-21007 (S.D. FL. 2002) (Grand Jury Indictment).

      According to court documents and interviews related to that indictment, federal law enforcement officials have discovered that in recent years Colombian drug cartels bought life insurance policies in continental Europe, the United Kingdom, and in smaller jurisdictions such as the Isle of Man, to launder the proceeds of drug trafficking. Using narcotics proceeds from the United States and Mexico, the traffickers purchased 250 life insurance policies in the Isle of Man alone. The insurance policies, worth as much as $1.9 million each, were sometimes taken out in the names of cartel associates and members of their families. The traffickers would typically cash out all or part of the Isle of Man policies prematurely, in some cases after only a year, paying penalties of 25 percent or more. The penalties, however, merely represented a ``business cost'' of using the insurance products to launder the illicit narcotics proceeds. Thus far, federal law enforcement officials have seized more than $9.5 million in Florida in connection with the investigation. If the insurance companies in the relevant jurisdictions had been subject to anti-money laundering controls, they might have detected the money laundering scheme because the policyholders were authorizing unrelated third parties to withdraw money from the cash value of their policies or were frequently cashing out their policies early.

      A review of the Suspicious Activity Reports filed with the Financial Crimes Enforcement Network also reveals instances in which financial institutions have reported the suspected use of insurance products for the purpose of laundering the proceeds of criminal activity. During the past five years, a number of Suspicious Activity Reports were filed that reference the use of an insurance product in suspected money laundering activity. For example, several reports describe as suspicious the large, lump-sum purchase of annuity contracts, followed almost immediately

      [[Page 66756]]

      by several withdrawals of those funds. In some cases, the entire balance of the annuity contract was withdrawn shortly after the purchase of the contract. Other reports detail suspicious loans taken out against an annuity contract and life insurance premiums being paid by unrelated third parties.

  2. Notice of Proposed Rulemaking

    On September 26, 2002, we published a notice of proposed rulemaking, 67 FR 60625, that would extend the requirement to establish an anti-money laundering program to insurance companies. The comment period for the proposed rule ended on November 25, 2002. We received over 50 comments from insurance companies and agents, banks, trade associations, attorneys, and a government agency addressing issues raised by either the proposed rule or by a related proposed rule, 67 FR 64067 (October 17, 2002), that would require insurance companies to report suspicious transactions.

  3. Summary of Comments

    Most of the comments focused on the following matters: (1) The potential application of an anti-money laundering program requirement to agents and brokers of insurance companies, rather than just their insurance company principals; (2) the training of agents and brokers concerning their responsibilities under an insurance company's anti- money laundering program; and (3) the appropriate scope of the products that cause an entity to be defined as an insurance company for purposes of the rule. These comments are discussed below. Other significant comments are discussed in the section-by-section analysis.

    1. Treatment of Agents and Brokers

      In the proposed rule, we proposed that an insurance company, but not its agents or brokers, establish an anti-money laundering program. Under the proposed rule, an insurance company would be responsible for obtaining customer information from all relevant sources, including from its agents and brokers, necessary to make its anti-money laundering program effective. We specifically sought comments on whether an insurance company's agents and brokers should be subject to a direct obligation to establish anti-money laundering programs. Commenters were almost evenly divided on this issue. Several agreed with the approach taken in the proposed rule, stating that the benefit of requiring tens of thousands of insurance agents and brokers to independently establish an anti-money laundering program would be outweighed by the costs. Other commenters argued that a direct obligation is necessary because insurance companies lack sufficient control over their distribution channels to integrate these elements into an adequate anti-money laundering compliance program.

      After careful consideration of all the views expressed, we are adopting the approach set forth in the proposed rule. Under the terms of the final rule, the obligation to establish an anti-money laundering program applies to an insurance company, and not its agents or brokers.\8\ Nevertheless, because insurance agents and brokers are an integral part of the insurance industry due to their direct contact with customers, the final rule requires each insurance company to establish and implement policies, procedures, and internal controls reasonably designed to integrate its agents and brokers into its anti- money laundering program and to monitor their compliance with its program. An insurance company's anti-money laundering program also must include procedures for obtaining all relevant customer-related information necessary for an effective program, either from its agents and brokers or from other sources.

      \8\ Certain agents of insurance companies are required under separate rules to establish anti-money laundering programs. See infra note 10.

      The final rule imposes a direct obligation only on insurance companies, and not their agents or brokers, for a number of reasons. First, whether an insurance company sells its products directly or through agents, we believe that it is appropriate to place on the insurance company, which develops and bears the risks of its products, the responsibility for guarding against such products being used to launder unlawfully derived funds or to finance terrorist acts. Second, insurance companies, due to their much larger size relative to that of their numerous agents and brokers, are better able to bear the costs of compliance connected with the sale of their products.\9\ Finally, numerous insurers already have in place compliance programs and best practices guidelines for their agents and brokers to prevent and detect fraud. We believe that insurance companies largely will be able to integrate their anti-money laundering programs into their existing compliance programs and best practices guidelines.

      \9\ Although some agents work within large structures, only a small fraction of agencies employ more than a handful of people. According to one commenter, there are ``independent agents who operate on their own or in offices with just a few of their independent agent colleagues and thus comprise the quintessential notion of a small business operation.'' Letter from the American Council of Life Insurers, Nov. 25, 2002, at 4.

      Insurance agents and brokers will play an important role in the effective operation of an insurance company's anti-money laundering program. By not placing an independent regulatory obligation on agents and brokers, we do not intend to minimize their role and we intend to assess the effectiveness of the rule on an ongoing basis. If it appears that the effectiveness of the rule is being undermined by the failure of agents and brokers to cooperate with their insurance company principals, we will consider proposing appropriate amendments to the rule. We also expect that an insurance company, when faced with a non- compliant agent or broker, will take the necessary actions to secure such compliance, including, when appropriate, terminating its business relationship with such an agent or broker.

    2. Training of Agents and Brokers

      Several commenters requested that the final rule incorporate some flexibility regarding an insurance company's training of its agents and brokers. At least one commenter suggested that we add language to the rule to avoid the duplicative training of independent agents that sell products on behalf of more than one insurance company.

      We agree with these comments. Consequently, the final rule gives an insurance company the flexibility of directly training its agents and brokers. Alternatively, an insurance company may satisfy its training obligation by verifying that its agents and brokers have received the training required by the rule from another insurance company or from a competent third party with respect to the covered products offered by the company. Such training courses are already being developed and offered. A competent third party can include another financial institution that is required to establish an anti-money laundering program.\10\ It is left to the discretion of an insurance company to determine whether the training of its agents by

      [[Page 66757]]

      another party is adequate. We do not intend to certify, license, or otherwise prospectively approve training programs.

      \10\ For example, variable life insurance contracts and variable annuities (variable insurance products) are securities under the Securities Exchange Act of 1934 and therefore may be sold only by registered broker-dealers, who are required to have anti-money laundering programs pursuant to rules issued by the Financial Crimes Enforcement Network and the National Association of Securities Dealers and the New York Stock Exchange, two of the securities industry's self-regulatory organizations. In addition, other covered products, including fixed annuities, are sold by banks, which are also subject to anti-money laundering program requirements. See infra note 19.

    3. Covered Products

      Under the proposed rule, the issuing, underwriting, or reinsuring of a life insurance policy, an annuity contract, or any product with investment or cash value features, would have caused an insurance company to fall within the scope of the rule. A company that offered exclusively other kinds of insurance products, such as a property and casualty insurance policy, would not have been required to establish an anti-money laundering program. The overwhelming majority of commenters agreed with the distinction that we made between higher-risk and lower- risk insurance products.\11\ Some of those commenters requested that we take the additional step of further excluding other kinds of insurance contracts and products relating to life insurance and annuities, such as reinsurance, group life insurance policies, group annuities, and term life insurance policies.

      \11\ See, e.g., Joint Letter from the Independent Insurance Agents and Brokers of America and the National Association of Professional Insurance Agents, Nov. 25, 2002, at 1 (``This distinction [between life insurance and property and casualty insurance] is legitimate and provides relief from the administrative and regulatory burdens of the proposed rule for the segments of the insurance industry that are at very low risk of money laundering.'').

      We, not having been informed or otherwise having learned of examples to the contrary, agree that some of these contracts and products pose little or no risk of being used for money laundering. For example, reinsurance and retrocession contracts and treaties are arrangements between insurance companies by which they reallocate risks within the insurance industry and do not involve transactions with customers. Similarly, group life insurance policies and group annuities are typically issued to a company, financial institution, or association, and generally restrict the ability of an individual insured or participant to manipulate their investment. These products pose low money laundering risks. Consequently, the final rule does not include in its coverage reinsurance or retrocession contracts or treaties, group life insurance, or group annuities.

      After careful consideration of the comments, we also have decided to exclude term life (which includes credit life) insurance policies at this time. Given the operating characteristics of these products--e.g., the absence of a cash surrender value and the underwriting scrutiny given to term policies, especially those with large face amounts--we believe that it would be impractical to launder money through term life insurance policies, and that the corresponding money laundering risks associated with such products are not significant. Nevertheless, as with all new exclusions, we will reconsider this position if circumstances warrant.

      While some insurance companies that offer a diversity of insurance products may decide to adopt company-wide anti-money laundering programs, regardless of the kinds of products they offer, we wish to emphasize that the final rule does not require that an insurance company adopt a company-wide anti-money laundering program applicable to all of its insurance products. The anti-money laundering program requirement applies only to covered products, as defined in the final rule, offered by the insurance company.

  4. Section-by-Section Analysis

    1. 103.137(a)--Definitions

      Section 103.137(a) defines the key terms used in the final rule. In response to comments seeking clarification of certain terms used in the proposed rule, the final rule includes definitions of the terms ``annuity contract,'' ``bank,'' ``broker-dealer in securities,'' ``covered product,'' ``group annuity contract,'' ``group life insurance policy,'' ``insurance agent,'' ``insurance broker,'' and ``permanent life insurance policy.''

      The final rule defines an annuity contract as ``any agreement between the insurer and the contract owner whereby the insurer promises to pay out a fixed or variable income stream for a period of time.'' For purposes of the rule, contracts of indemnity, as well as workers compensation insurance and structured settlements, are not annuity contracts.

      The definition of an insurance company reflects our determination that an anti-money laundering program should be imposed only on those products that pose a significant risk of money laundering or terrorist financing. Thus, an ``insurance company'' includes any person engaged within the United States as a business in the issuing or underwriting of a covered product. The term ``as a business'' is intended to exclude those persons that offer annuities or another covered product as an incidental part of their non-insurance business.\12\ At this time, we believe that such persons present a much lower risk of being used for money laundering or terrorist financing than those persons that offer a covered product as an integral part of their business. We leave open the possibility of revisiting this issue in a future rulemaking if circumstances warrant.

      \12\ For example, a tax-exempt organization that offers charitable gift annuities (as defined in section 501(m)(5) of the Internal Revenue Code, 26 U.S.C. 501(m)(5)) as a vehicle for planned charitable giving to the tax-exempt organization, and that would not otherwise fall within the definition of an insurance company, generally would not be considered an insurance company under the final rule.

      The final rule contains an explicit exception to the definition of an insurance company. That exception clarifies that insurance agents and insurance brokers are not required under the final rule to establish an anti-money laundering program. However, as explained below, an insurance company is responsible for integrating its agents and brokers into its anti-money laundering program and for monitoring their compliance with the requirements of its program. In addition, the definition of an insurance company refers only to the business of issuing or underwriting certain kinds of insurance products, and therefore does not cover the reinsuring or retrocession of insurance products.

      The term ``covered product'' is defined to mean: (i) A permanent life insurance policy, other than a group life insurance policy; (ii) any annuity contract, other than a group annuity contract; and (iii) any other insurance product with features of cash value or investment. Permanent life insurance and annuity products are covered products, with the exception of group life insurance and group annuities. The definition also incorporates a functional approach, and encompasses any insurance product having the same kinds of features that make permanent life insurance and annuity products more at risk of being used for money laundering. To the extent that term life insurance, property and casualty insurance, health insurance, and other kinds of insurance do not exhibit these features, they are not products covered by the rule.

      Some commenters suggested that we should adopt a dollar threshold exemption for life insurance policies, particularly in the context of term life insurance policies. For example, commenters requested that we exempt from the scope of the anti-money laundering program requirement, term life insurance policies with face values below $10,000. As stated above, term life insurance is not covered by this final rule. In addition, we expect, as we do with all of anti-money laundering rules, that an insurance company will take a risk-based approach when developing its anti-money laundering

      [[Page 66758]]

      program. Such an approach should consider a number of factors, including, but not limited to, the dollar amount involved in the issuing or underwriting of certain products. Consequently, we believe that a dollar threshold exemption for purposes of establishing an anti- money laundering program is not warranted.

    2. 103.137(b)--Anti-Money Laundering Program Requirements for Insurance Companies

      Section 103.137(b) requires that, not later than May 2, 2006, each insurance company issuing or underwriting a covered product develop and implement an anti-money laundering program reasonably designed to prevent the insurance company from being used to facilitate money laundering or the financing of terrorist activities. In response to comments requesting that we clarify the breadth of the program requirement, language has been added to clarify that the anti-money laundering program is only required with respect to covered products issued or underwritten by an insurance company. The anti-money laundering program must be in writing and must be approved by senior management. An insurance company's written program also must be made available to the Department of the Treasury, the Financial Crimes Enforcement Network, or their designee upon request. Minimum requirements for the anti-money laundering program are set forth in section 103.137(c). Beyond these minimum requirements, however, the final rule is intended to give insurance companies the flexibility to design their programs to meet the specific risks associated with their particular business.

    3. 103.137(c)--Minimum Requirements

      Section 103.137(c) sets forth the minimum requirements of an insurance company's anti-money laundering program. Section 103.137(c)(1) requires the anti-money laundering program to incorporate policies, procedures, and internal controls based upon the insurance company's assessment of the money laundering and terrorist financing risks associated with its covered products. As noted above, an insurance company's assessment of customer-related information, including methods of payment, is a key component of an effective anti- money laundering program. Thus, an insurance company is responsible for integrating its agents and brokers into its anti-money laundering program, for obtaining relevant customer-related information from them, and for using that information to assess the money laundering risks presented by its business and to identify any ``red flags''.\13\ The specific procedures for conducting such a program are left to the discretion of the insurance company. Insurance companies must use the expertise that they possess about their industry and their particular lines of business to develop a program that meets the requirements of the rule.

      \13\ See infra note 18 and accompanying text.

      In developing a risk-based anti-money laundering program, an insurance company must consider all relevant factors affecting the risks inherent in its covered products. For example, an insurance company should consider the extent and circumstances under which its customers use cash or cash equivalents to purchase a covered product, and whether the insurance company issues or underwrites covered products to persons in a jurisdiction: (1) Whose government has been identified by the State Department as a sponsor of international terrorism under 22 U.S.C. 2371; \14\ (2) that has been designated by the Financial Action Task Force as non-cooperative with international anti-money laundering principles; \15\ or (3) that has been found by the Secretary of the Treasury or the Director of the Financial Crimes Enforcement Network as warranting special measures due to money laundering concerns.\16\

      \14\ See http://www.state.gov/s/ct/rls/pgtrpt/ \15\ See http://www1.oecd.org/fatf/NCCT_en.htm.

      \16\ Information about such jurisdictions can be found at http://www.ustreas.gov/ .

      When assessing risks associated with particular distribution channels for its covered products, an insurance company should consider, among other things, whether an agent or broker is required to establish its own anti-money laundering program pursuant to another requirement in 31 CFR Part 103. Some commenters suggested excluding from an insurer's anti-money laundering program covered products sold by, for example, broker-dealers in securities or banks because they are already subject to an anti-money laundering program requirement. Although we do not believe that a complete exclusion is appropriate, the insurance company could generally rely on the agent's own program requirements to address issues at the time of the sale if reasonable (i.e., the insurer knows of no defect in the agent's program), while the insurer's program should focus on the ongoing administration of the covered product.

      Policies, procedures, and internal controls also must be reasonably designed to ensure compliance with applicable Bank Secrecy Act requirements. The only Bank Secrecy Act regulatory requirement currently applicable to insurance companies is the obligation to report on Form 8300 the receipt of cash or certain non-cash instruments totaling more than $10,000 in one transaction or in two or more related transactions. As noted above, we today are also publishing a final rule requiring insurance companies to file Suspicious Activity Reports, which will apply to transactions occurring after May 2, 2006.\17\ If insurance companies become subject to additional Bank Secrecy Act requirements, their anti-money laundering programs will need to be updated accordingly.

      \17\ When voluntarily filing reports of suspicious transactions, insurance companies should use the Suspicious Activity Report by Insurance Companies (SAR-IC) form being developed specifically for use by the insurance industry. This form will be made available on the Financial Crimes Enforcement Network website at http://www.fincen.gov. In the interim, insurance companies should use the

      Suspicious Activity Report by Securities and Futures Industries.

      Insurance companies typically conduct their sales operations through agents. Some elements of the compliance program will be best performed by these agents, in which case it is permissible for an insurance company to make appropriate arrangements with an agent to perform those aspects of its anti-money laundering program. Any insurance company that arranges for its agent to perform aspects of its anti-money laundering program, however, remains responsible for the effectiveness of the program, as well as for ensuring that the appropriate examiners have access to information and records relating to the anti-money laundering program and are able to inspect the agent or the third party for purposes of the program. An insurance company's compliance with this regulation includes: Taking reasonable steps to identify the aspects of its operations that may give rise to applicable Bank Secrecy Act regulatory requirements or that are vulnerable to money laundering or terrorist financing activity; developing and implementing a program reasonably designed to achieve compliance with such regulatory requirements and to prevent such activity; and monitoring the effectiveness of its program. For example, it would not be sufficient for an insurance company simply to obtain a certification from its delegee that the company ``has a satisfactory anti-money laundering program.''

      Section 103.137(c)(2) requires that an insurance company designate a compliance officer to be responsible for administering the anti-money laundering program. An insurance

      [[Page 66759]]

      company may designate a single person or committee to be responsible for compliance. The person or persons should be competent and knowledgeable regarding applicable Bank Secrecy Act requirements and money laundering risks, and should be empowered with full responsibility and authority to develop and enforce appropriate policies and procedures. The role of the compliance officer is to ensure that: (1) The program is being implemented effectively, including monitoring compliance by the company's insurance agents and insurance brokers with their obligations under the program; (2) the program is updated as necessary; and (3) appropriate persons are trained in accordance with section 103.137(c)(3). The compliance officer also should ensure that employees of the insurance company have appropriate resources to which they can address questions regarding the application of the program in light of specific facts.

      Section 103.137(c)(3) requires that an insurance company provide training for appropriate persons. Training is an integral part of any anti-money laundering program. In order for the anti-money laundering program to be effective, employees of an insurance company with responsibility under the program must be trained in the requirements of the program and money laundering risks generally so that ``red flags'' associated with covered products can be identified.\18\ Such training could be conducted by outside or in-house seminars, and could include computer-based training. The nature, scope, and frequency of the training will depend upon the functions performed. However, those persons with obligations under the anti-money laundering program must be sufficiently trained to carry out their responsibilities effectively and should receive periodic updates and refreshers regarding the anti- money laundering program.

      \18\ Some examples of ``red flags'' include, but are not limited to, the following: The purchase of an insurance product inconsistent with the customer's needs; unusual payment methods, such as cash, cash equivalents (when such a usage of cash or cash equivalents is, in fact, unusual), or structured monetary instruments; early termination of a product, especially at a cost to the customer, or where payment is made by, or the refund check is directed to, an apparently unrelated third party; the transfer of the benefit of a product to an apparently unrelated third party; a customer who shows little concern for the investment performance of a product, but much concern about the early termination features of the product; a customer who is reluctant to provide identifying information when purchasing a product, or who provides minimal or seemingly fictitious information; and a customer who borrows the maximum amount available soon after purchasing the product.

      An insurance company also must provide for the training of its insurance agents and brokers concerning their responsibilities under the company's anti-money laundering program. An insurance company may satisfy this requirement by directly training its agents and brokers or by verifying that its agents and brokers have received the required training by another insurance company or by a competent third party with respect to covered products offered by the company. For purposes of the rule, a competent third party can include a third-party vendor as well as another financial institution that is subject to an anti- money laundering program requirement, such as a broker-dealer in securities or a bank. Some commenters suggested that we establish and maintain a central registry for certifications of agent training. Although we would not object to the establishment of a privately maintained registry, we will not establish such a registry for a number of reasons, including the fact that it could be interpreted as an endorsement of the adequacy of such training.

      Section 103.137(c)(4) requires that an insurance company provide for independent testing of the program on a periodic basis to ensure that it complies with the requirements of the rule and that the program functions as designed.\19\ An outside consultant or accountant need not perform the test. A single employee of the insurance company, or a committee comprised of more than one employee, may perform the independent testing, as long as the tester is not the compliance officer or otherwise involved in administering the program. The frequency of the independent testing will depend upon the insurance company's assessment of the risks associated with its covered products. Any recommendations resulting from such testing should be implemented promptly or submitted to senior management for consideration.

      \19\ As noted above, an employee or agent of an insurance company who also is a registered representative of a broker-dealer in securities or an employee of a bank would be subject to the broker-dealer's or bank's anti-money laundering program, including its testing. In such a case, the insurance company would not have to independently test those relevant parts of the broker-dealer's or bank's program, as long as it confirms that such testing has occurred and the insurance company reviews the relevant portion of any report produced.

    4. 103.137(d)--Insurance Companies That Are Registered Broker-Dealers in Securities

      The proposed rule contained a provision stating that an insurance companythat is required to register with the Securities and Exchange Commission shall be deemed to have satisfied the requirements of this section for those activities regulated by the Securities and Exchange Commission to the extent that the company complies with the anti-money laundering program requirements applicable to such activities that are imposed by the Securities and Exchange Commission or by a self- regulatory organization registered with the Securities and Exchange Commission. This provision, which was intended to avoid an insurance company being subject to two different anti-money laundering rules regarding the same activities, has been retained in simplified form in the final rule. It would apply to an insurance company that is registered (or is required to register) with the Securities and Exchange Commission as a broker-dealer in securities. To the extent such a company already is required to establish and has established an anti-money laundering program pursuant to 31 CFR 103.120, it shall be deemed to be in compliance with this final rule. However, to the extent that this final rule imposes requirements with respect to activities not covered by 31 CFR 103.120 and the registered broker-dealer insurance company has adopted an anti-money laundering program that addresses only its broker-dealer activities, the company would not be deemed in compliance with this rule. In addition, this provision applies only to an insurance company that is itself registered or required to register with the Securities and Exchange Commission as a broker-dealer in securities,\20\ and not to a registered broker-dealer that distributes an insurance company's products as agent.\21\

      \20\ We are currently aware of only one such insurance company, although there may be others.

      \21\ We have not expanded this provision to also apply to broker-dealers with anti-money laundering programs distributing an insurance company's products as agent, as requested by a commenter. The final rule's application to such broker-dealers is discussed in Part IV.C. above.

    5. 103.137(e)--Compliance

      A new subsection (e) has been added to specifically state that the Financial Crimes Enforcement Network or its delegee shall examine the insurance company for compliance with this regulation, and that failure to comply may violate the Bank Secrecy Act and the final rule.

  5. Executive Order 12866

    The final rule contained in this document is not a significant regulatory action for purposes of Executive Order

    [[Page 66760]]

    12866. Accordingly, a regulatory impact analysis is not required.

  6. Regulatory Flexibility Act

    It is hereby certified, pursuant to the Regulatory Flexibility Act (5 U.S.C. 601 et seq.), that the final rule contained in this document is not likely to have a significant economic impact on a substantial number of small entities. Most insurance companies are not small businesses. In addition, the costs associated with the establishment and implementation of anti-money laundering programs are attributable to the mandatory nature of 31 U.S.C. 5318(h)(1). The final rule provides for substantial flexibility in how each insurance company may comply with that statutory mandate. This flexibility is designed to account for differences among insurance companies, including size. In this regard, the costs associated with developing and implementing an anti-money laundering program will be commensurate with the size of an insurance company. If a company is small, the burden of complying with the final rule should be correspondingly small. Consistent with the principles of the Regulatory Flexibility Act, we did consider exempting small insurance companies from some or all of the requirements of the final rule. We do not believe that such an exemption is appropriate, given the flexibility provided in the final rule to account for, among other things, differences in size and resources, and that money laundering can also occur through small insurance companies.

  7. Paperwork Reduction Act

    The collection of information contained in the final rule has been approved by the Office of Management and Budget in accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)), and assigned Office of Management and Budget Control Number 1506-0035. An agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a valid control number assigned by the Office of Management and Budget.

    The only requirement in the final rule that is subject to the Paperwork Reduction Act is the requirement that an insurance company keep a written record of its anti-money laundering program. The estimated annual average burden associated with this collection of information is one hour per recordkeeper. We received one comment on this recordkeeping burden estimate, suggesting that the estimate was too low. Consistent with each of the prior rules that we have issued implementing 31 U.S.C. 5318(h)(1), we believe that our original estimate is accurate.

    Comments concerning the accuracy of this recordkeeping burden estimate and suggestions for reducing this burden should be sent (preferably by fax on (202) 395-6974) to Desk Officer for the Department of the Treasury, Office of Information and Regulatory Affairs, Office of Management and Budget, Washington, DC 20503 (or by the Internet to jlackeyj@omb.eop.gov), with a copy by paper mail to Financial Crimes Enforcement Network, P.O. Box 39, Vienna, VA 22183, ``ATTN: Section 352--Insurance Company AML Regulation'' or by electronic mail to regcomments@fincen.treas.gov with the caption ``ATTN: Section 352--Insurance Company AML Regulation'' in the body of the text.

    List of Subjects in 31 CFR Part 103

    Administrative practice and procedure, Authority delegations (Government agencies), Insurance companies, Currency, Investigations, Law Enforcement, Reporting and recordkeeping requirements.

    Authority and Issuance

    0 For the reasons set forth in the preamble, part 103 of title 31 of the Code of Federal Regulations is amended as follows:

    PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FINANCIAL TRANSACTIONS

    0 1. The authority citation for part 103 is revised to read as follows:

    Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314, 5316-5332; title III, sec. 314, Pub. L. 107-56, 115 Stat. 307.

    0 2. Subpart I of part 103 is amended by adding new Sec. 103.137 to read as follows:

    Sec. 103.137 Anti-money laundering programs for insurance companies.

    (a) Definitions. For purposes of this section:

    (1) Annuity contract means any agreement between the insurer and the contract owner whereby the insurer promises to pay out a fixed or variable income stream for a period of time.

    (2) Bank has the same meaning as provided in Sec. 103.11(c).

    (3) Broker-dealer in securities has the same meaning as provided in Sec. 103.11(f).

    (4) Covered product means:

    (i) A permanent life insurance policy, other than a group life insurance policy;

    (ii) An annuity contract, other than a group annuity contract; and

    (iii) Any other insurance product with features of cash value or investment.

    (5) Group annuity contract means a master contract providing annuities to a group of persons under a single contract.

    (6) Group life insurance policy means any life insurance policy under which a number of persons and their dependents, if appropriate, are insured under a single policy.

    (7) Insurance agent means a sales and/or service representative of an insurance company. The term ``insurance agent'' encompasses any person that sells, markets, distributes, or services an insurance company's covered products, including, but not limited to, a person who represents only one insurance company, a person who represents more than one insurance company, and a bank or broker-dealer in securities that sells any covered product of an insurance company.

    (8) Insurance broker means a person who, by acting as the customer's representative, arranges and/or services covered products on behalf of the customer.

    (9) Insurance company or insurer. (i) Except as provided in paragraph (a)(9)(ii) of this section, the term ``insurance company'' or ``insurer'' means any person engaged within the United States as a business in the issuing or underwriting of any covered product.

    (ii) The term ``insurance company'' or ``insurer'' does not include an insurance agent or insurance broker.

    (10) Permanent life insurance policy means an agreement that contains a cash value or investment element and that obligates the insurer to indemnify or to confer a benefit upon the insured or beneficiary to the agreement contingent upon the death of the insured.

    (11) Person has the same meaning as provided in Sec. 103.11(z).

    (12) United States has the same meaning as provided in Sec. 103.11(nn).

    (b) Anti-money laundering program requirements for insurance companies. Not later than May 2, 2006, each insurance company shall develop and implement a written anti-money laundering program applicable to its covered products that is reasonably designed to prevent the insurance company from being used to facilitate money laundering or the financing of terrorist activities. The program must be approved by senior management. An insurance company shall make a copy of its anti-money laundering program available to the Department of the Treasury, the Financial Crimes Enforcement Network, or their designee upon request.

    [[Page 66761]]

    (c) Minimum requirements. At a minimum, the program required by paragraph (b) of this section shall:

    (1) Incorporate policies, procedures, and internal controls based upon the insurance company's assessment of the money laundering and terrorist financing risks associated with its covered products. Policies, procedures, and internal controls developed and implemented by an insurance company under this section shall include provisions for complying with the applicable requirements of subchapter II of chapter 53 of title 31, United States Code and this part, integrating the company's insurance agents and insurance brokers into its anti-money laundering program, and obtaining all relevant customer-related information necessary for an effective anti-money laundering program.

    (2) Designate a compliance officer who will be responsible for ensuring that:

    (i) The anti-money laundering program is implemented effectively, including monitoring compliance by the company's insurance agents and insurance brokers with their obligations under the program;

    (ii) The anti-money laundering program is updated as necessary; and

    (iii) Appropriate persons are educated and trained in accordance with paragraph (c)(3) of this section.

    (3) Provide for on-going training of appropriate persons concerning their responsibilities under the program. An insurance company may satisfy this requirement with respect to its employees, insurance agents, and insurance brokers by directly training such persons or verifying that persons have received training by another insurance company or by a competent third party with respect to the covered products offered by the insurance company.

    (4) Provide for independent testing to monitor and maintain an adequate program, including testing to determine compliance of the company's insurance agents and insurance brokers with their obligations under the program. The scope and frequency of the testing shall be commensurate with the risks posed by the insurance company's covered products. Such testing may be conducted by a third party or by any officer or employee of the insurance company, other than the person designated in paragraph (c)(2) of this section.

    (d) Anti-money laundering program requirements for insurance companies registered or required to register with the Securities and Exchange Commission as broker-dealers in securities. An insurance company that is registered or required to register with the Securities and Exchange Commission as a broker-dealer in securities shall be deemed to have satisfied the requirements of this section for its broker-dealer activities to the extent that the company is required to establish and has established an anti-money laundering program pursuant to Sec. 103.120 and complies with such program.

    (e) Compliance. Compliance with this section shall be examined by the Department of the Treasury, through the Financial Crimes Enforcement Network or its delegees, under the terms of the Bank Secrecy Act. Failure to comply with the requirements of this section may constitute a violation of the Bank Secrecy Act and of this part.

    Dated: October 28, 2005. William J. Fox, Director, Financial Crimes Enforcement Network.

    [FR Doc. 05-21917 Filed 11-2-05; 8:45 am]

    BILLING CODE 4810-02-P

VLEX uses login cookies to provide you with a better browsing experience. If you click on 'Accept' or continue browsing this site we consider that you accept our cookie policy. ACCEPT