New regulations to prevent money laundering in the US could indirectly impact reinsurers, warn Melvin Schwechter and Robert Woody

On 3 November 2005, the US Department of Treasury's Financial Crimes Enforcement Network (FinCEN) issued two final rules requiring insurers selling "covered products" to implement anti-money laundering programmes and to file suspicious activity reports on certain transactions. FinCEN also issued a notice and request for comment on proposed forms to be used by insurers to report suspicious transactions. The long-awaited regulations, which will come into effect on 2 May 2006, are part of the continuing implementation of the US Patriot Act, enacted shortly after the 11 September terrorist attacks. Although reinsurers are not themselves subject to these new compliance requirements, life reinsurers in particular are following these developments with interest because of the impact on their US cedants.

Who is covered?

The regulations apply to insurers who are "engaged within the United States as a business in the issuing or underwriting of any covered product." Both rules apply only to "covered products", defined as (1) a permanent life insurance policy; (2) an annuity contract; or (3) "any other insurance product with features of cash value or investment". Few, if any, property and casualty products will be affected. However, category 3 is meant as a "catch-all" that could theoretically capture products sold in the property-casualty industry. While no products currently being sold in the market have been so identified, this category is nevertheless included to ensure that the rules cover any creative products not now in existence or known to FinCEN that might prove useful to money launderers.

The rule notes that its scope is limited to the defined "covered products" because other products are less susceptible to use in money laundering or terrorist financing. Importantly, while group life and group annuities are the only products specifically excluded in the text of the rule, the preamble also lists term life insurance, reinsurance and retrocessional contracts or treaties as products that "pose little or no risk of being used for money laundering".

While agents and brokers are specifically excluded, the final regulations require each insurer to establish and implement policies, procedures and internal controls reasonably designed to integrate its agents and brokers into its compliance programme and to monitor its agents' and brokers' compliance efforts. This may prove to be one of the more daunting aspects of compliance, especially for independent producers who will be asked to coordinate compliance with the numerous insurers they represent, many of which may have differing approaches to compliance.

Minimum requirements

Insurers are required to develop and implement an anti-money laundering programme by 2 May 2006. These programmes must be in writing, must be approved by senior management, and must be available for inspection by FinCEN.

Much of the specifics of the anti-money laundering programmes are left to the individual insurer's discretion, to give flexibility to meet the specific risks of a particular line of business. At a minimum, however, the insurer must:

- Incorporate policies, procedures and internal controls based on its own assessment of the money laundering and terrorist financing risks associated with its products. These procedures must ensure that the insurer obtain all relevant customer-related information necessary for an effective anti-money laundering programme;

- Designate a compliance officer responsible for overseeing the implementation and updating of the programme (including monitoring of compliance by the insurer's agents and brokers), as well as the education and training of appropriate persons;

- Provide ongoing in-house or third party training for persons with responsibilities under the programme (including agents and brokers); and

- Provide for independent testing of the programme. This testing may be conducted by third parties or by an employee of the insurer itself other than the designated compliance officer.

Insurers that are required to register with the Securities and Exchange Commission as a broker-dealer in securities are deemed to have complied with the anti-money laundering requirement to the extent that they have established such a programme pursuant to the anti-money laundering programme requirements.

Suspicious activity reporting

Insurers are required to report to FinCEN any suspicious transaction of $5,000 or more involving a "covered product" that is "relevant to a possible violation of law or regulation", specifically including any transaction that the insurer knows, suspects, or has reason to suspect:

- Involves funds derived from or conducted to disguise illegal activity;

- Is designed to evade Bank Secrecy Act regulations;

- Has no business or apparent lawful purpose and the insurer knows of no reasonable explanation for the transaction; or

- Involves use of the insurer to facilitate illegal criminal activity. Insurers may voluntarily report any transaction they believe to be suspicious, even if the regulations do not require it.

Suspicious transactions are to be reported within 30 calendar days of the initial detection of the transaction, using a specific form.

Generally, insurers are responsible for reporting suspicious transactions conducted through their agents and brokers, and therefore are required to implement policies and procedures designed to obtain from agents and brokers all information necessary to detect suspicious activities. Agents who are broker-dealers have separate obligations to report suspicious activity under pre-existing Bank Secrecy Act regulations. In such cases, only one report is required, but both the insurer and agent must be named on the filing and both must maintain copies of it.

Insurers are required to keep records of suspicious activity reports (along with supporting documentation) for five years after the date of the filing. These records will be kept confidential and may not be disclosed unless requested by FinCEN. Insurers and their directors, officers, employees, agents and brokers are prohibited from notifying any person involved in the transaction that it has been reported, regardless of whether the reporting was voluntary or required under these rules.

Insurers that are required to register with the Securities and Exchange Commission as a broker-dealer in securities are deemed to have complied with the suspicious activities reporting requirement to the extent that they have complied with pre-existing suspicious activity reporting requirements for broker-dealers under the programme requirements.

Impact of the regulations

Proactive insurers who began putting anti-money laundering programmes in place several years ago (after the issuance of proposed regulations in 2002) may need only to refine their programmes based on the final regulations and move aggressively to implement training and testing regimes.

On the other hand, insurers who waited to implement anti-money laundering compliance programmes will need to move expeditiously to create, and put such programmes into place, before the 2 May 2006 deadline. This will take substantial time, effort, and resources, particularly with respect to integrating agents and brokers into the compliance plans. In this regard, we note that several trade associations representing the life industry plan to develop a set of common industry compliance standards, but it is not clear how long this will take. Given the short timeframe for developing compliance programmes, insurers should begin work on their programmes immediately.

Finally, insurers who operate internationally may need to integrate the new US requirements into existing compliance plans for other countries, particularly EU anti-money laundering directives. Companies that create successful programmes are those that integrate the compliance function into the day-to-day business of the company. Constant communication between compliance and programme personnel is crucial for effective compliance.

- Melvin Schwechter is a partner and Robert Woody is legal counsel for LeBoeuf, Lamb, Greene & MacRae LLP.