Many people credit the federal Patriot Act of 2001 with expanding the federal government’s right to gather intelligence, and search and detain—and also deport—individuals suspected of terrorist activities. But another important, often overlooked provision in the Patriot Act refers to money laundering. Title III is the International Money Laundering Abatement and Anti-Terrorism Financing Act of 2001.
Bruce Ortwine, general counsel of the Americas and senior executive vice president at Sumitomo Mitsui Trust Bank, works to help Sumitomo adhere to the Patriot Act and proactively fight terrorist organizations that would use Sumitomo’s services to finance criminal practices.
Introducing the Patriot Act
First, Ortwine wants to dispel the idea that banking institutions only loosely monitored laundering before the passage of the Patriot Act. “The anti-money laundering laws go back decades before the events of 9/11 that resulted in the Patriot Act,” Ortwine says. “Existing anti-money laundering laws were further strengthened in the late 1980s, so we’ve had these requirements for the past forty-plus years.”
Ortwine says as a result of 9/11 and the Patriot Act, anti-money laundering requirements merged with attempts to limit the finance of terrorist acts. “There was already a Bank Secrecy Act and several anti-money laundering requirements,” he says. “The Patriot Act merged the bank secrecy act requirements with the anti-terrorist financing issue.”
Ortwine explains that 9/11 changed a lot of things not only in the United States but also globally. He says the government’s prioritization of strict enforcement of anti-money laundering laws was expanded and intensified through the Patriot Act.
“Almost immediately with the passage of the Patriot Act, new requirements were imposed on banks, including those relating to dealing with so-called ‘shell’ or offshore banks that had no physical presence,” he says.
These new requisites on the banking industry had far-reaching ramifications as it criminalized the financing of terrorism, prohibited financial institutions from engaging in business with foreign shell banks, and required financial institutions to have due diligence procedures for foreign correspondent and private banking accounts. The Patriot Act also improved information sharing between financial institutions and the US government by requiring voluntary information sharing among financial institutions.
The Patriot Act
The Patriot Act’s influence on the banking industry resulted in many widespread changes and provided guidelines and mandates designed to counter the ability of terrorists to finance their operations through US banks. It also allowed bank employees to maintain their integrity and report suspicious activity, and it gave the federal government the authority to seize the assets of terrorist persons or organizations deposited in US banks.
In addition, it placed restrictions on accounts and foreign banks, dealt with corruption, required more stringent record-keeping and reporting, enacted various anti-money laundering programs and strategies, and imposed penalties for noncompliance.
Over the next couple of years, Ortwine says new, comprehensive regulations were rolled out that imposed strict obligations on the identification of new customers and appropriate due diligence of existing customers and the bank’s overall anti-money laundering compliance program.
Sumitomo built four distinct components or pillars of the program, as required by these regulations: put in place appropriate policies and procedures to identify customers, conduct due diligence, and monitor account activity; the Bank Secrecy Act compliance office to oversee the AML compliance program; training of all employees on their anti-money laundering responsibilities; and independent testing of the AML compliance program by internal audit.
Compliance is necessary
The Patriot Act merged terrorist financing into the broader context of prohibited money laundering. “The banking industry was a conduit through which funds were sent domestically in the United States to various terrorist organizations throughout the world,” Ortwine says. The money being sent could either be derived from criminal activity or it could be money that was legitimately earned. However, he says, the banking industry was specifically targeted to try to stop the flow of funds to terrorists. “The government viewed anti-money laundering and terrorist financing as a significant priority and became very aggressive in their enforcement of these new laws and regulations.”
Ortwine says that regulatory agencies, in their examination, found widespread deficiencies in AML and anti-terrorist financing compliance and became very aggressive in their criticism of these compliance programs. They also required banks to make specific improvements and imposed monetary fines on banks that failed to do so. In fact, he says that this way of requiring improvements in compliance programs—namely enforcement actions, and in some cases, deferred prosecution and monetary fines—continues today.
“On a related note, the government lacked and still lacks the necessary resources to effectively control the flow of funds and effectively has deputized all banks operating in the United States to assist in the objective to prevent the flow of money to terrorists,” Ortwine says.
More information, more challenges
Sumitomo faced many challenges when the bank began receiving more information about their customers’ identities, legal organizations, business that they conducted, where they conducted those businesses, and the types of transactions that the customer could be expected to conduct using their Sumitomo bank accounts.
It was also crucial to know whether any members of senior management, directors, or significant owners, were politically exposed persons, including current or former government officials, since bribery and corruption of government officials also became a large concern.”
In general, he says the legislation forced the bank to change the nature of its relationship with customers and become much more probing and innately suspicious of its customers.
However, he says Sumitomo now has a mature and stable anti-money laundering program. “The challenge we face is to keep up with all of the new regulatory requirements and to closely monitor enforcement actions that the government brings against other banks to ensure that we could never be susceptible to similar criticism.”
One very recent example is a new regulation that takes effect in May 2018, requiring enhanced customer due diligence and collecting and verifying information about individuals who own or control corporate or other legal entity customers.
Follow-up Act
To meet the requirements and goals of the Patriot Act, Sumitomo had to take a number of major steps. These included the following four changes:
1. Implement a compliance program with policies to identify customers and monitor account activity
2. Appoint a compliance officer to oversee the company’s AML compliance program
3. Train bank employees on their anti-money laundering responsibilities
4. Implement independent testing of the compliance program through an internal audit
Source: Sumitomo Mitsui Trust Bank
Coming up next in finance
Ortwine says that this new regulation will add a fifth component or pillar to the existing anti-money laundering compliance program requirements by requiring banks to develop and update customer risk profiles and customer information, and conduct additional, ongoing monitoring.
“Sumitomo already does this in our compliance program, but at a minimum, we will need to enhance relevant documentation as necessary to clearly provide for these practices,” he says.
Ortwine is in the right place at the right time to guide Sumitomo through these changes. Before becoming general counsel in 1990, he worked for two large law firms in New York City, and these experiences prepared him for his current position. Ortwine spent a significant amount of time representing banks and interpreting banking regulations. He also worked on very complicated transactions that required very tight scheduling time frames with complex documentation. “I was reasonably comfortable understanding and interpreting regulatory requirements, drafting documentation to comply with those requirements, and communicating those requirements to employees within my bank.”
