Skip to main content

Bulletin No. 2002-01-INS

USA Patriot Act of 2001

Addendum: On April 23, 2002, the U.S. Treasury Department deferred the effective date of Section 352 as to insurance companies until October 24, 2002 to permit Treasury to study the industry and issue regulations tailored to insurance operations. Proposed regulations for Section 352 are expected in June 2002 and, according to Department of Treasury Staff, will likely establish an effective date earlier than October 24, 2002. This deferral of Section 352 requirements does not relieve insurance companies in the interim from responsibility to report certain transactions in cash, currency, or monetary instruments under 31 CFR 103.30 or 26 CRF 1.60501.

Issued and entered April 19, 2002 by Frank M. Fitzgerald, Commissioner of Financial and Insurance Services 

On October 26, 2001, President Bush signed into law the "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001"1 (the Act). This law, enacted in response to the terrorist attacks of September 11, 2001 strengthens our Nation's ability to combat terrorism and prevent and detect money-laundering activities.

The purpose of this Bulletin is to advise insurers and other insurance entities persons or entities regulated by the Office of Financial and Insurance Services of important new responsibilities under the Act. In particular, Section 352 of the Act amends the Bank Secrecy Act ("BSA")2 to require that all financial institutions establish an anti-money laundering program, and Section 326 amends the BSA to require the Secretary of the Treasury (Treasury) to adopt minimum standards for financial institutions regarding the identity of customers that open accounts.

Section 352 - Establishing Anti-Money Laundering Programs

Section 352 of the Act requires the establishment of an anti-money laundering program, including, at a minimum:

  • The development of internal policies, procedures, and controls; these should be appropriate for the level of risk of money laundering identified.
  • The designation of a compliance officer; the officer should have appropriate training and background to execute their responsibilities. In addition, the compliance officer should have access to senior management.
  • An ongoing employee training program; a training program should match training to the employees' roles in the organization and their job functions. The training program should be provided as often as necessary to address gaps created by movement of employees within the organization and turnover.
  • An independent audit function to test the programs. The independent audit function does not require engaging outside consultants. Internal staff that is independent of those developing and executing the anti-money laundering program may conduct the audit.

Treasury is currently drafting a regulation describing the anti-money laundering compliance program for insurers. The regulation may borrow from the anti-money laundering compliance program rule recently proposed by the NASD for broker-dealers3, and is expected to be promulgated in late spring or early summer.

Insurance companies are included in the BSA's definition of financial institution, and should be prepared to comply with the new law and the regulations promulgated thereunder. Section 352 of the Act becomes effective on April 24, 2002; all insurance companies are required to be in compliance with the law by that date. 

As part of its rulemaking process, Treasury is determining the extent to which other insurance entities will be considered financial institutions for purposes of the regulation. It is anticipated that the regulation could cover all other persons and entities engaged in the business of insurance, including brokers, agents, and managing general agents, and may also include other regulated entities. These insurance entities will be required to comply with the regulation by the regulation's effective date.

Anti-money laundering programs are not anticipated to be "one size fits all." Rather, it is expected that they will be developed using a risk-based approach. Development of an anti-money laundering program should begin with identification of those areas, processes and programs that are susceptible to money laundering activities. The practices and procedures implemented under the program should reflect the risks of money laundering given the entity's products, methods of distribution, contact with customers and forms of customer payment and deposits.

Section 326 - Customer Identification

Section 326 of the Act amends the BSA to require that Treasury issue regulations setting forth minimum standards for financial institutions regarding the identity of their customers in connection with the purchase of a policy or contract of insurance. This program must set forth customer identity verification and documentation procedures, as well as procedures the insurer will employ to notify its customers about this requirement and determine whether the customer appears on government lists of known or suspected terrorists or terrorist organizations.

Final regulations regarding this requirement are to be issued by the Department of the Treasury by October 26, 2002. Proposed regulations will be published in the Federal Register4 later in the year. Through the rulemaking process, Treasury will determine which insurance entities will be subject to the regulations. Insurance entities subject to the rules will be required to comply when the final Treasury regulations become effective.

Request for additional information or questions regarding:

  • This bulletin may be directed to John R. Schoonmaker of this agency at (517) 373-2707 or
  • State requirements in the reporting of suspected money-laundering activities should be directed to Robert Ianni of the Michigan Department of Attorney General at (517) 241-6565 or
  • The Act may be directed to Linda L. Duzick, Office of Thrift Supervision, serving as insurance industry liaison for the Department of the Treasury, at (202) 906-6565 or

1The full text of the law can be obtained at
2Codified in subchapter II of chapter 53 of title 31, U.S. Code.
367CFR 8565 (February 25, 2002)
4The Federal Register website address is