|
|
Overview
Section 314(b) of
the USA PATRIOT Act, which allows for the sharing of information between
financial institutions, has been in effect since September 26, 2002. Although
a number of institutions have gone through the notice/certification process,
many institutions seem reluctant to implement the process and actually
share money laundering or terrorist activity information.
This article will
provide an overview of the information sharing process under section 314(b)
of the USA PATRIOT Act, discuss recent examination procedures that impact
this area and offer compliance tips to insure any information sharing
follows the law. Hopefully, the information contained in this article
will help your organization move forward and fully implement the section
314(b) sharing process.
314(b)
Information Sharing
The purpose of section
314 (b) of the USA PATRIOT Act is to encourage financial institutions
to share information for the purpose of identifying and reporting activities
that may involve terrorist activity or money laundering. Prior to section
314 (b), institutions were reluctant to share such information for fear
of violating privacy laws or being accused of sharing information that
was false. To remove the risk of potential liability, the regulators created
a notice/certification process for section 314(b) purposes. An institution
that provides notice to the Treasury Department, on an annual basis, stating
that it intends to engage in information sharing and certifying that it
has established procedures to safeguard the information, and follows those
procedures, will be protected from civil liability. Following the section
314 (b) process is voluntary; institutions are not required to share information
if they choose not to. However, institutions that share and fail to follow
section 314 (b) will lose the statutory safe harbor and may be found in
violation of privacy laws or other laws or regulations. Finally, in order
to safely share information under section 314(b) you must verify that
the institution you plan to share with has also filed the appropriate
notice/certification with the Treasury Department.
Examination
Procedures
Recently, the federal
banking regulators released examination guidance that provides useful
information regarding what to expect during the section 314(b) portion
of your next BSA/AML examination.
| Request
Letter Items
Prior to your
next BSA/AML exam, your regulator may issue a “Request Letter”
that asks for a number of items needed by the examiner to facilitate
the examination. Requested items may include:
- A copy of
your policy and procedures for sharing suspected terrorist activity
or money laundering information pursuant to section 314 (b).
- A copy of
your policy and procedures for receiving information pertaining
to terrorist activity or money laundering pursuant to section
314 (b).
- Copies of
any SARs filed related to section 314 (b) sharing or information.
- The analysis
or documentation regarding situations where an SAR filing was
considered but the decision was made to not actually file a SAR.
|
| Policy
and Procedure Review
During the
actual examination, your examiner will review your compliance management
system for sharing terrorist or money laundering activity. The examination
process will generally involve the following:
- Examiner
discussions with management to determine whether your institution
intends to share information regarding terrorist or money laundering
activity.
- If your intention
is to share, the examiner will evaluate your policies and procedures
for sharing and receiving shared information. At a minimum, your
policies and procedure should:
- Specify
a point of contact for receiving and providing information;
- Ensure
the safeguarding and confidentiality of the information received
and requested;
- Provide
a process for sending and responding to requests which ensures
that those you intend to share will have filed the proper
notice;
- Provide
procedures for determining whether and when SARs should be
filed;
- Describe
the process for documenting your compliance;
- Contain
sufficient internal controls;
- Address
ongoing training;
- Test
for compliance on an independent basis.
- If your
institution is sharing but not following the section 314(b) process,
your examiner will notify those examiners who review for compliance
with the privacy laws.
- Your examiner
will expect to review your documentation by sampling both information
shared and shared information received. From this, they will evaluate
how you determined whether or not to submit a SAR.
|
Compliance
Tips
The following tips
are intended to help your organization comply with the section 314(a)
requirements.
- Participation
Encouraged. The government established the section 314(b) process
to encourage the sharing of information relating to money laundering
or terrorist activity. By sharing this information, it may be possible
to thwart future illegal activity. The war against terrorism impacts
everyone and all attempts to combat the problem should be considered.
- Safe harbor
provided.
To sweeten the deal, the government has offered safe harbor protection
from liability to those organizations that follow the section 314(b)
process. With this protection from civil liability, you will not be
liable for violating privacy or other related laws.
- It takes
two. The section 314(b) process is a two-way street. In order
to take advantage of the safe harbor protection, you need to follow
the notification process and you need to make sure that those you share
with have followed the process. Verify that you have a procedure in
place for documenting whether a particular institution has completed
the notice requirements under section 314(b). This may include retaining
a copy of the other institution’s 314 notice, obtaining a statement
that the institution has complied with the 314 or some other method.
- Review
information security systems. The section 314(b) process requires
that you certify that you have procedures in place to safeguard information
you release and take in. The regulators have said that your process
for keeping information secure will be sufficient if it tracks your
information security program under the GLB privacy laws.
- Limit
your conversations.
The section 314(b) process is intended to cover information sharing
regarding money laundering or terrorist activity. The sharing of information
beyond this subject matter is not protected under section 314.
- Educate
management.
The new examination procedures state that examiners will converse with
management to determine whether you are sharing in accordance with section
314(b). Verify that your management is clear as to your information
sharing practices and whether or not you are following the section 314(b)
process.
- Other
AML laws may apply. Information sharing under 314(b) does not
relieve you of your OFAC or BSA obligations. Transactions may need to
be block and SARs may need to be filed and these decisions should be
made in accordance with the appropriate law.
Conclusion
The Section 314(b)
process is voluntary; you do not have to share information if you do not
want to. However, given the safe harbor protections, it is something your
institution should give serious thought to. If institutions refuse to
share information and terrorist activity continues to escalate, it is
possible the government would issue laws that require sharing. Government
regulations often hit more than the intended target and the last thing
most institutions need is another expensive regulation to abide by.
Back
to Top
|
|
|
|
|
