[Federal Register Volume 67, Number 187 (Thursday, September 26, 2002)]
[Proposed Rules]
[Pages 60625-60630]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 02-24144]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA28


Financial Crimes Enforcement Network; Anti-Money Laundering 
Programs for Insurance Companies

AGENCY: Financial Crimes Enforcement Network (FinCEN), Treasury.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: FinCEN is issuing this proposed rule to prescribe minimum 
standards applicable to insurance companies pursuant to the revised 
provision in the Bank Secrecy Act that requires financial institutions 
to establish anti-money laundering programs.

DATES: Written comments may be submitted on or before November 25, 
2002.

ADDRESSES: Commenters are encouraged to submit comments by electronic 
mail because paper mail in the Washington, DC, area may be delayed. 
Comments submitted by electronic mail may be sent to 
[email protected] with the caption in the body of the text, 
``ATTN: Section 352--Insurance Company Regulations.'' Comments 
(preferably an original and four copies) also may be submitted by paper 
mail to FinCEN, P.O. Box 39, Vienna, VA 22183, ATTN: Section 352--
Insurance Company Regulations. Comments should be sent by one method 
only. Comments may be inspected at FinCEN between 10 a.m. and 4 p.m., 
in the FinCEN Reading Room in Washington, DC. Persons wishing to 
inspect the comments submitted must request an appointment by 
telephoning (202) 354-6400 (not a toll-free number).

FOR FURTHER INFORMATION CONTACT: Office of Chief Counsel, FinCEN, (703) 
905-3590; Office of the Assistant General Counsel for Enforcement 
(Treasury), (202) 622-1927; or the Office of the Assistant General 
Counsel for Banking and Finance (Treasury), (202) 622-0480 (not toll-
free numbers).

SUPPLEMENTARY INFORMATION:

I. Background

    On October 26, 2001, the President signed into law the Uniting and 
Strengthening America by Providing Appropriate Tools Required to 
Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001 (Public 
Law 107-56) (the Act). Title III of the Act makes a number of 
amendments to the anti-money laundering provisions of the Bank Secrecy 
Act (BSA), which is codified in subchapter II of chapter 53 of title 
31, United States Code.\1\ These amendments are intended to provide 
additional tools to prevent, detect, and prosecute international money 
laundering and the financing of terrorism. Section 352(a) of the Act, 
which became effective on April 24, 2002, amends section 5318(h) of the 
BSA. As amended, section 5318(h)(1) requires every financial 
institution to establish an anti-money laundering program that 
includes, at a minimum, (i) the development of internal policies, 
procedures, and controls; (ii) the designation of a compliance officer; 
(iii) an ongoing employee training program; and (iv) an independent 
audit function to test programs. Section 352(c) of the Act directs the 
Secretary to prescribe regulations for anti-money laundering programs 
that are ``commensurate with the size, location, and activities'' of 
the financial institutions to which such regulations apply. Section 
5318(h)(1) permits the Secretary to exempt from this anti-money 
laundering program requirement those financial institutions not 
currently subject to FinCEN's regulations implementing the BSA. Section 
5318(a)(6) of the BSA further provides that the Secretary may exempt 
any financial institution from any BSA requirement. Taken together, 
these provisions authorize the issuance of anti-money laundering 
program regulations that may differ with respect to certain kinds of 
financial institutions, and that may exempt certain financial 
institutions (and, by extension, certain financial institutions within 
the same industry) from the requirements of section 5318(h)(1).
---------------------------------------------------------------------------

    \1\ Regulations implementing the BSA appear at 31 CFR Part 103. 
The authority of the Secretary to administer the BSA and its 
implementing regulations has been delegated to the Director of 
FinCEN.
---------------------------------------------------------------------------

    Although insurance companies have long been defined as a financial 
institution under the BSA, 31 U.S.C. 5312(a)(2)(M), FinCEN has not 
previously defined the term or issued regulations regarding insurance 
companies. In April 2002, FinCEN deferred the anti-money laundering 
program requirement contained in 31 U.S.C. 5318(h) that would have 
applied to the insurance industry. 67 FR 21110 (April 29, 2002). The 
purpose of the deferral was to provide Treasury time to study the 
insurance industry and to consider how anti-money laundering controls 
could best be applied to that industry, taking into account differences 
in size, location, and services within the industry.
    Insurance can generally be described as ``a contract by which one 
party (the insurer), for a consideration that is usually paid in money, 
either in a lump sum or at different times during the continuance of 
the risk, promises to make a certain payment, usually of money, upon 
the destruction or injury of `something' in which the other party (the 
insured) has an interest.'' \2\ In other words, the purpose of 
insurance is to transfer risk from the insured to the insurer. 
Insurance companies act as financial intermediaries by providing a 
financial risk transfer service that is funded by the payment of 
insurance premiums that they receive from policyholders.
---------------------------------------------------------------------------

    \2\ Lee R. Rus & Thomas F. Segalla, Couch on Insurance Sec.  
1:6, at 1-11 (3d ed.).
---------------------------------------------------------------------------

    The insurance industry in the United States can generally be 
divided into three major sectors based on a company's line of business: 
(1) Life; (2) property/casualty; and (3) health.\3\ Life insurance 
provides protection against the death of an individual in the form of 
payment to a beneficiary. Life insurance may also offer ``living 
benefits'' in the form of a cash surrender value or income payments. 
Recently, life insurers have developed products that offer a variety of 
investment components, such as interest indexed universal life (which 
has interest credits linked to external factors) and variable life 
(where the amount and duration of benefits are linked to investment 
experience), and that offer the insured the ability to overpay the 
premium for a fixed rate of return. Such products are marketed to 
investors as part of a diversified portfolio, often with tax benefits. 
Annuities, which are generally considered part of the life insurance 
sector, are purchased to provide a stipulated income stream over a 
period of time, and are frequently used for retirement planning 
purposes. Property insurance indemnifies an insured whose property is 
stolen, damaged, or destroyed by a covered peril. Casualty

[[Page 60626]]

insurance provides coverage primarily for the liability of an 
individual or organization that results from negligent acts and 
omissions that cause bodily injury and/or property damage to a third 
party. Health insurance covers the costs of health care. Many insurance 
companies, particularly the larger ones, offer more than one kind of 
insurance product.
    An insurance company may offer its products through a number of 
different distribution channels. Some insurance companies sell their 
products through direct response marketing in which the insurance 
company sells a policy directly to the insured. Other companies employ 
agents, who may either be captive or independent. Captive agents 
represent only one insurance company; independent agents may represent 
a variety of insurance carriers. Insurance may also be purchased 
through other third parties, all of which must be licensed insurance 
agents, but may describe themselves to customers as financial planners 
or investment advisors. A limited number of companies offer certain 
types of policies via the Internet. A customer also may employ a broker 
(i.e., a salesperson who searches the marketplace for insurance in the 
interest of the customer rather than the insurer) to obtain insurance.
---------------------------------------------------------------------------

    \3\ In 2000, the insurance industry in the United States 
consisted of more than 7000 domestic insurance companies and total 
gross direct premiums exceeded $956 billion. Net premiums written in 
both the life and property/casualty sectors grew annually between 
1992 and 2000. In 2000, the insurance industry, including insurance 
companies, agents, brokers, and service personnel, employed 
approximately 2.3 million people. National Association of Insurance 
Commissioners, 2000 Insurance Department Resources Report.
---------------------------------------------------------------------------

    The insurance industry in the United States has traditionally been 
subject to state, rather than federal regulation.\4\ Matters that are 
subject to state regulation include the overall organization and 
capitalization of insurance companies, permissible investments, 
licensing of insurance companies and insurance agents, and the form and 
content of policies. In some states, insurance companies are already 
subject to anti-money laundering statutes, currency reporting 
requirements, and/or suspicious activity reporting requirements. 
According to an unpublished survey conducted by the National 
Association of Insurance Commissioners (NAIC) of state statutes or 
rules applicable to insurance companies, thirty-eight states have money 
laundering statutes, twenty-one have currency reporting requirements, 
and one has a suspicious activity requirement.
---------------------------------------------------------------------------

    \4\ See the McCarran-Ferguson Act, codified at 15 U.S.C. 1011 et 
seq.
---------------------------------------------------------------------------

II. Money Laundering and Terrorist Financing Risks Associated With 
Insurance Companies

    The Congressional mandate that all financial institutions establish 
an anti-money laundering program is a key element in the national 
effort to prevent and detect money laundering and the financing of 
terrorism. The mandate recognizes that financial institutions other 
than depository institutions (which have long been subject to BSA 
requirements) are vulnerable to money laundering.
    The application of anti-money laundering measures to non-depository 
institutions generally, and to insurance companies in particular, also 
has been emphasized by the international community as a key element in 
combating money laundering. One of the central recommendations of the 
Financial Action Task Force (FATF),\5\ of which the United States is a 
member, is that measures designed to prevent and detect money 
laundering, including the establishment of an anti-money laundering 
program, ``should apply not only to banks, but also to non-bank 
financial institutions.'' FATF Forty Recommendations (Recommendation 
8). Similarly, in January 2002, the International Association of 
Insurance Supervisors (IAIS)\6\ issued anti-money laundering guidance 
for insurance supervisors and insurance entities stating that:
---------------------------------------------------------------------------

    \5\ The FATF is an inter-governmental body whose purpose is the 
development and promotion of policies to combat money laundering. 
Originally created by the G-7 nations, its membership now includes 
Argentina, Australia, Austria, Belgium, Brazil, Canada, Denmark, 
Finland, France, Germany, Greece, Hong Kong, Iceland, Ireland, 
Italy, Japan, Luxembourg, Mexico, the Kingdom of the Netherlands, 
New Zealand, Norway, Portugal, Singapore, Spain, Sweden, 
Switzerland, Turkey, the United Kingdom, and the United States, as 
well as the European Commission and the Gulf Cooperation Council.
    \6\ The IAIS is an international association representing 
insurance regulatory authorities from more than 100 jurisdictions. 
Established in 1994, the IAIS was formed to promote cooperation 
among insurance regulators, set international standards for 
insurance supervision, provide training to members, and coordinate 
work with regulators in other financial sectors and international 
financial institutions.

    Financial institutions including insurance entities, have become 
major targets of money laundering operations because of the variety 
of services and investment vehicles offered that can be used to 
conceal the source of money. Money laundering poses significant 
reputational and financial risk to insurance entities, as well as 
the risk of criminal prosecution if insurance entities become 
---------------------------------------------------------------------------
involved in laundering of the proceeds of crime.\7\

    \7\ IAIS Anti-Money Laundering Guidance Notes for Insurance 
Supervisors and Insurance Entities, January 2002, at 4.
---------------------------------------------------------------------------

    FinCEN believes that the most significant money laundering and 
terrorist financing risks in the insurance industry are found in life 
insurance and annuity products because such products allow a customer 
to place large amounts of funds into the financial system and 
seamlessly transfer such funds to disguise their true origin. Permanent 
life insurance policies that have a cash surrender value are 
particularly inviting money laundering vehicles. Such cash value can be 
redeemed by a money launderer or can be used as a source of further 
investment of his tainted funds--for example, by taking loans out 
against such cash value. Term life insurance policies also pose a 
significant risk of money laundering because they possess elements of 
stored value and transferability that make them attractive to money 
launderers.\8\ Similarly, annuity contracts also pose a significant 
money laundering risk because they allow a money launderer to exchange 
his illicit funds for an immediate or deferred income stream. The 
elements described above generally do not exist in insurance products 
offered by property and casualty insurers, much less by title or health 
insurers, although, to the extent that these sectors develop products 
with similar investment features, or features of stored value and 
transferability, the proposed rule includes a functional definition 
intended to include them within its scope.\9\ FinCEN does not believe 
that money laundering risk should be predicated solely on the existence 
of an ability to obtain a refund on a purchased financial product. 
Rather, the focus should be on the ability of a money launderer to use 
a particular financial product to store and move illicit funds through 
the financial system. Therefore, the proposed rule captures only those 
insurance products with investment features, and insurance products 
possessing the ability to store value and to transfer that value to 
another person.
---------------------------------------------------------------------------

    \8\ For example, a narcotics trafficker based in a foreign 
jurisdiction can purchase a term policy from a U.S. insurer with one 
large, up-front premium made up of illicit funds using an elderly or 
ill front person as the insured, and collect the cleansed proceeds 
when the insured dies.
    \9\ Theoretically, a money launderer could purchase property or 
casualty insurance for a business with tainted funds, and transfer 
the business to a confederate who could cancel the policy and obtain 
a refund of the cleansed funds. However, this does not mean that 
such products possess the elements of stored value and 
transferability that pose a significant money laundering risk. 
Underwriting practices generally would prevent the conveyance of a 
property and casualty insurance policy upon the purchase of a 
business, except in the case of a change in control of a public 
company, in which the costs and regulatory disclosures required to 
change control would appear to far outweigh any potential benefit to 
a would-be launderer. Moreover, as property and casualty insurers 
determine premiums by the value of the insured property and the 
perceived risk, the products they issue are not effective vehicles 
for laundering predetermined sums.
---------------------------------------------------------------------------

    The identified instances of money laundering through insurance

[[Page 60627]]

companies generally have been confined to life insurance products. Such 
products appear to have been particularly attractive to narcotics money 
launderers. For example, as a result of a joint investigation into the 
narcotics trafficking and money laundering activities of Colombian drug 
cartels, federal law enforcement authorities have discovered that these 
cartels have been hiding their illicit proceeds by, among other things, 
purchasing life insurance policies. The money laundering scheme 
involves the purchase, through several insurance brokers, of life 
insurance policies with cash surrender values in an offshore 
jurisdiction. Cartel associates are named as beneficiaries to such 
policies. The life insurance policies are funded by narcotics proceeds 
that are forwarded to the insurance companies by third parties from all 
over the world. Although the cash surrender value of the life insurance 
policies is often far less than the amount invested because of 
liquidation penalties, particularly if the policies only have been in 
existence for a few years, the beneficiaries soon elect to liquidate 
the policies for their cash surrender value. Alhough the beneficiaries 
thereby suffer a substantial financial loss, the funds received, in the 
form of insurance proceeds, are effectively laundered.\10\ In another 
case, the U.S. Customs Service obtained the forfeiture of illicit drug 
money paid to purchase three term life insurance policies in Austin, 
Texas. The purchase had been made with a number of structured monetary 
instruments, followed shortly afterward by an attempted redemption of 
the policies.\11\ Law enforcement also has seen similar attempts to 
launder funds through the purchase of variable annuity contracts.\12\ 
In addition, some financial institutions have reported to FinCEN 
suspicious transactions involving the structured purchase of life 
insurance and annuities, followed by the receipt of checks from life 
insurance companies, and the wiring of the funds to foreign countries.
---------------------------------------------------------------------------

    \10\ United States v. The Contents of Account No. 400941058 At 
JP Morgan Chase Bank, New York, New York, Mag. Docket No. 02-1163 
(S.D.N.Y. 2002) (Warrant of Seizure).
    \11\ In the Matter of Seizure of the Cash Value and Advance 
Premium Deposit Funds, Case No. 2002-5506-000007. (W.D. Tex. 2002).
    \12\ See Steven Brostoff, Variable Product Companies Cautioned 
to be Vigilant On Money Laundering, National Underwriter, July 1, 
2002, at 40.
---------------------------------------------------------------------------

    The international community also has focused on life insurance 
policies and those insurance products with investment features as the 
target of anti-money laundering programs. The interpretative note to 
Recommendation 8 of the FATF Forty Recommendations, relating to the 
establishment of anti-money laundering programs, states that ``[t]he 
FATF [Forty] Recommendations should be applied in particular to life 
insurance and other investment products offered by insurance 
companies.'' In addition, the IAIS, in its anti-money laundering 
guidance to insurance businesses, states that such guidance is 
``primarily aimed at life insurance business[es] which [are] the 
predominant class being used by money launderers.'' \13\
---------------------------------------------------------------------------

    \13\ IAIS Anti-Money Laundering Guidance Notes for Insurance 
Supervisors and Insurance Entities, January 2002, at 6.
---------------------------------------------------------------------------

    FinCEN understands that many insurance products are sold through 
agents of insurance companies. Because of their direct contact with 
customers, insurance agents are in a unique position to observe the 
kind of activity that may be indicative of money laundering. In some 
cases, suspicious activity detected by agents--such as the lump-sum 
purchase of a life insurance policy with multiple money orders or the 
purchase of annuity contracts by customers who express little or no 
interest in the details of such products, like surrender charges--may 
not be information that is normally known by the insurance company. 
This may be especially true when insurance agents sell investment 
products that do not need to be thoroughly scrutinized by the insurance 
company for underwriting purposes because they lack a health or death 
contingency. Thus, the proposed rule requires an insurance company to 
assess the money laundering and terrorist financing risks posed by its 
distribution channels and to incorporate policies, procedures, and 
internal controls integrating its agents and brokers into its anti-
money laundering program. Whether an insurance company sells its 
products directly or through agents, FinCEN believes that it is 
appropriate to place on the insurance company (which develops the 
products and bears their risks), the responsibility for obtaining all 
relevant information necessary to establish and maintain an effective 
anti-money laundering program.
    FinCEN anticipates that the measures currently employed by 
insurance companies to detect and combat fraud may assist such 
companies when establishing anti-money laundering policies and 
procedures. However, insurance companies should note that the risks 
associated with fraud and money laundering are not identical, and that 
combating money laundering will necessarily require the establishment 
of additional measures. An anti-fraud policy is concerned that premium 
payments clear, not with whether they are made with structured 
instruments or from suspicious sources. Moreover, although a person who 
purchases a life insurance policy with a single, lump-sum payment and 
subsequently redeems the policy for its cash value may not inflict any 
economic harm on the insurance company, such a person can use this 
process to cleanse his illicit funds in exchange for paying the 
requisite penalty or fee.

III. Section-by-Section Analysis

    Section 103.137(a) defines the key terms used in the proposed rule. 
The definition of an insurance company reflects Treasury's 
determination that an anti-money laundering program requirement should 
be imposed on those sectors of the insurance industry that pose the 
most significant risk of money laundering and terrorist financing. The 
definition of an insurance company therefore includes any person 
engaged within the United States as a business in: (1) The issuing, 
underwriting, or reinsuring of a life insurance policy; (2) the 
issuing, granting, purchasing, or disposing of any annuity contract; or 
(3) the issuing, underwriting, or reinsuring of any insurance product 
with investment features similar to those of a life insurance policy or 
an annuity contract, or which can be used to store value and transfer 
that value to another person. The sectors of the insurance industry 
offering life insurance and annuity products are both covered by the 
definition. The last category incorporates a functional approach, and 
encompasses any business offering currently, or in the future, any 
insurance product with an investment feature, and any insurance product 
possessing both stored value and transferability.\14\
---------------------------------------------------------------------------

    \14\ The definition of an insurance company includes any person 
engaged ``as a business'' in the issuing, underwriting, or 
reinsuring of certain insurance products, and therefore does not 
include charities or other non-profit organizations.
---------------------------------------------------------------------------

    The definition of an insurance company does not include insurance 
agents or brokers, as FinCEN believes the insurance company is in the 
best position to design an effective anti-money laundering program for 
its products, based upon the risk assessment it must perform due to the 
nature of its business. Agents and brokers would therefore not be 
required under the rule to independently establish an anti-money 
laundering program. However, as explained in

[[Page 60628]]

greater detail below, an insurance company would be required to assess 
the money laundering and terrorist financing risks posed by its 
distribution channels and to incorporate policies, procedures, and 
internal controls integrating its agents and brokers into its anti-
money laundering program. Comments are specifically invited on whether 
the above definition is appropriate in light of money laundering risks 
in the industry. Comments also are specifically invited on whether the 
final rule also should require insurance agents and brokers, or any 
subsets of agents or brokers, to establish and maintain an anti-money 
laundering program.
    Section 103.137(b) requires that each insurance company develop and 
implement an anti-money laundering program reasonably designed to 
prevent the insurance company from being used to facilitate money 
laundering or the financing of terrorist activities. The program must 
be in writing and must be approved by senior management. An insurance 
company's written program also must be made available to the Department 
of the Treasury or its designee upon request. The minimum requirements 
for the anti-money laundering program are set forth in section 
103.137(c). Beyond these minimum requirements, however, the proposed 
rule is intended to give insurance companies the flexibility to design 
their programs to meet their specific risks.
    Section 103.137(c) sets forth the minimum requirements of an 
insurance company's anti-money laundering program. Section 
103.137(c)(1) requires the anti-money laundering program to incorporate 
policies, procedures, and internal controls based upon the insurance 
company's assessment of the money laundering and terrorist financing 
risks associated with its products, customers, distribution channels, 
and geographic locations. As explained above, an insurance company's 
assessment of customer-related information, such as methods of payment, 
is a key component to an effective anti-money laundering program. Thus, 
an insurance company's anti-money laundering program must ensure that 
the company obtain all the information necessary to make its anti-money 
laundering program effective. Such information includes, but is not 
limited to, relevant customer information collected and maintained by 
the insurance company's agents and brokers. The specific means to 
obtain such information is left to the discretion of the insurance 
company, although Treasury anticipates that the insurance company may 
need to amend existing agreements with its agents and brokers to ensure 
that the company receives necessary customer information.
    For purposes of making the required risk assessment, an insurance 
company must consider all relevant information. The following are just 
some of the many factors that should be considered by an insurance 
company when making its risk assessment: whether the company permits 
customers to use cash or cash equivalents to purchase an insurance 
product, whether the company permits customers to purchase an insurance 
product with a single premium or lump-sum payment, and whether the 
company permits customers to take out a loan against the value of an 
insurance product. Other factors that should be considered include 
whether the insurance company engages in transactions involving a 
jurisdiction whose government has been identified by the Department of 
State as a sponsor of international terrorism under 22 U.S.C. 2371, has 
been designated as non-cooperative with international anti-money 
laundering principles, or has been designated by the Secretary of the 
Treasury as warranting special measures due to money laundering 
concerns.
    Policies, procedures, and internal controls also must be reasonably 
designed to ensure compliance with BSA requirements. The only BSA 
regulatory requirement currently applicable to insurance companies is 
the obligation to report on Form 8300 the receipt of cash or certain 
non-cash instruments totaling more than $10,000 in one transaction or 
in two or more related transactions. Insurance companies may in the 
future be required to comply with BSA requirements regarding 
accountholder identification and verification pursuant to section 326 
of the Act, as well as the filing of suspicious activity reports. As 
insurance companies become subject to additional BSA requirements, 
their compliance programs will obviously have to be updated to include 
appropriate policies, procedures, training, and testing functions.
    Insurance companies typically conduct their operations through 
agents and third-party service providers. Some elements of the 
compliance program will best be performed by personnel of these 
entities, in which case it is permissible for an insurance company to 
delegate contractually the implementation and operation of those 
aspects of its anti-money laundering program to such an entity. Any 
insurance company that delegates responsibility for aspects of its 
anti-money laundering program to an agent or a third party, however, 
remains fully responsible for the effectiveness of the program, as well 
as ensuring that federal examiners are able to obtain information and 
records relating to the anti-money laundering program and to inspect 
the agent or the third party for purposes of the program. In addition, 
an insurance company remains responsible for the following: assuring 
compliance with this regulation; taking reasonable steps to identify 
the aspects of its operations that may give rise to BSA regulatory 
requirements or that are vulnerable to money laundering or terrorist 
financing activity; developing and implementing a program reasonably 
designed to achieve compliance with such regulatory requirements and to 
prevent such activity; monitoring the operation of its program; and 
assessing the effectiveness of its program. For example, it would not 
be sufficient for an insurance company simply to obtain a certification 
from its delegate that the company ``has a satisfactory anti-money 
laundering program.''
    Section 103.137(c)(2) requires that an insurance company designate 
a compliance officer to be responsible for administering the anti-money 
laundering program. An insurance company may designate a single person 
or committee to be responsible for compliance. The person or persons 
should be competent and knowledgeable regarding BSA requirements and 
money laundering issues and risks, and should be empowered with full 
responsibility and authority to develop and enforce appropriate 
policies and procedures. The role of the compliance officer is to 
ensure that (1) the program is being implemented effectively; (2) the 
program is updated as necessary; and (3) appropriate persons are 
trained and educated in accordance with section 103.137(c)(3).
    Section 103.137(c)(3) requires that an insurance company provide 
for education and training of appropriate persons. Employee training is 
an integral part of any anti-money laundering program. In order to 
carry out their responsibilities effectively, employees of an insurance 
company (and of any agent or third-party service provider) with 
responsibility under the program must be trained in the requirements of 
the rule and money laundering risks generally so that ``red flags'' 
associated with existing or potential customers can be identified. Such 
training could be conducted by outside or in-house seminars, and could 
include computer-based training. The nature, scope, and frequency of 
the education and training program of the

[[Page 60629]]

insurance company will depend upon the functions performed. However, 
those with obligations under the anti-money laundering program must be 
sufficiently trained to carry out their responsibilities effectively. 
Moreover, these employees should receive periodic updates and 
refreshers regarding the anti-money laundering program.
    Section 103.137(c)(4) requires that an insurance company provide 
for independent testing of the program on a periodic basis to ensure 
that it complies with the requirements of the rule and that the program 
functions as designed. An outside consultant or accountant need not 
perform the test. An employee of the insurance company may perform the 
independent testing, so long as the tester is not the compliance 
officer or otherwise involved in administering the program. The 
frequency of the independent testing will depend upon the insurance 
company's assessment of the risks posed. Any recommendations resulting 
from such testing should be implemented promptly or reviewed by senior 
management.
    Section 103.137(d) states that an insurance company that is 
registered or is required to register with the Securities and Exchange 
Commission (SEC) shall be deemed to have satisfied the requirements of 
this section for those activities regulated by the SEC to the extent 
that the company complies with the anti-money laundering program 
requirements applicable to such activities that are imposed by the SEC 
or by a self-regulatory organization (SRO) registered with the SEC. 
Thus, for example, an insurance company that is required to register as 
a broker-dealer in securities because it sells variable annuities may 
satisfy the anti-money laundering program requirements under the 
proposed rule for that activity by complying with the anti-money 
laundering program requirements applicable to such activity that are 
imposed by the SEC or one of its registered SROs. To the extent that 
the issuance of annuities, or any other activity by an insurance 
company, is not covered by an SEC or SRO-anti-money laundering program 
rule, then such activity would be subject to the anti-money laundering 
program requirements of the proposed rule.

IV. Request for Comments

    FinCEN invites comment on all aspects of the proposed regulation, 
and specifically seeks comment on the following issues:
    1. Whether the scope of the definition of an insurance company is 
appropriate in light of money laundering risks in the industry.
    2. Whether the final rule also should require insurance agents 
(captive, independent, or both), or any subset of agents, to establish 
and maintain an anti-money laundering program.
    3. Whether the final rule also should require insurance brokers, or 
any subset of insurance brokers, to establish and maintain an anti-
money laundering program.
    4. Whether the factors that should be considered as part of an 
insurance company's risk assessment are appropriate.

V. Regulatory Flexibility Act

    It is hereby certified, pursuant to the Regulatory Flexibility Act 
(5 U.S.C. 601 et seq.), that the proposed rule is not likely to have a 
significant economic impact on a substantial number of small entities. 
The costs associated with the development of anti-money laundering 
programs are attributable to the mandates of section 352 of the Act. 
Moreover, most insurance companies are larger businesses. To the extent 
that some insurance companies may be considered small entities, the 
proposed rule provides for substantial flexibility in how each 
insurance company may meet its requirements. This flexibility is 
designed to account for differences among insurance companies, 
including size. In this regard, the costs associated with developing 
and implementing an anti-money laundering program will be commensurate 
with the size of an insurance company. If an insurance company is 
small, the burden to comply with the requirements of section 352 should 
be correspondingly minimal. In addition, all insurance companies, in 
order to remain viable, have in place policies and procedures to 
prevent and detect fraud. Such anti-fraud measures should assist 
insurance companies in developing effective anti-money laundering 
programs. Lastly, many insurance companies, depending on the state in 
which they do business, are subject to existing state requirements 
relating to the prevention and detection of money laundering.

VI. Paperwork Reduction Act

    The collection of information contained in this proposed rule is 
being submitted to the Office of Management and Budget for review in 
accordance with the Paperwork Reduction Act of 1995 (44 U.S.C. 
3507(d)). Comments on the collection of information should be sent 
(preferably by fax (202-395-6974)) to Desk Officer for the Department 
of the Treasury, Office of Information and Regulatory Affairs, Office 
of Management and Budget, Paperwork Reduction Project (1506), 
Washington, DC 20503 (or by the Internet to [email protected]), with 
a copy to FinCEN by mail or the Internet at the addresses previously 
specified. Comments on the collection of information should be received 
by November 12, 2002. In accordance with the requirements of the 
Paperwork Reduction Act of 1995, 44 U.S.C. 3506(c)(2)(A), and its 
implementing regulations, 5 CFR 1320, the following information 
concerning the collection of information as required by 31 CFR 103.19 
is presented to assist those persons wishing to comment on the 
information collection.
    The collection of information in this proposed rule is in 31 CFR 
103.137(b). The information will be used by federal agencies to verify 
compliance by insurance companies with the provisions of 31 CFR 
103.137. The collection of information is mandatory. The likely 
recordkeepers are mostly life insurance companies.
    Description of Recordkeepers: Insurance companies as defined in 31 
CFR 103.137(a)(4).
    Estimated Number of Recordkeepers: 1,200.
    Estimated Average Annual Burden Hours Per Recordkeeper: The 
estimated average burden associated with the recordkeeping requirement 
in this proposed rule is 1 hour per recordkeeper.
    Estimated Total Annual Recordkeeping Burden: 1,200 hours.
    FinCEN specifically invites comments on: (a) Whether the proposed 
recordkeeping requirement is necessary for the proper performance of 
the mission of FinCEN, including whether the recordkeeping requirement 
is necessary for the proper performance of the mission of FinCEN, and 
whether the information shall have practical utility; (b) the accuracy 
of FinCEN's estimate of the burden of the proposed recordkeeping 
requirement; (c) ways to enhance the quality, utility, and clarity of 
the information required to be maintained; (d) ways to minimize the 
burden of the recordkeeping requirement, including through the use of 
automated collection techniques or other forms of information 
technology; and (e) estimates of capital or start-up costs and costs of 
operation, maintenance, and purchase of services to maintain the 
information.

VII. Executive Order 12866

    It has been determined that this proposed rule is not a significant 
regulatory action for purposes of Executive Order 12866. Accordingly, a

[[Page 60630]]

regulatory impact analysis is not required.

List of Subjects in 31 CFR Part 103

    Administrative practice and procedure, Authority delegations 
(Government agencies), Insurance companies, Currency, Investigations, 
Law enforcement, Reporting and recordkeeping requirements.

Authority and Issuance

    For the reasons set forth in the preamble, part 103 of title 31 of 
the Code of Federal Regulations is proposed to be amended as follows:

PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
FINANCIAL TRANSACTIONS

    1. The authority citation for part 103 continues to read as 
follows:


    Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5332; 
title III, secs. 312, 314, 352, Pub. L. 107-56, 115 Stat. 307.

    2. Subpart I of part 103 is amended by adding new Sec.  103.137 to 
read as follows:


Sec.  103.137  Anti-money laundering programs for insurance companies.

    (a) Definitions. For purposes of this section:
    (1) Annuity contract means any agreement between the insurer and 
the insured whereby the insurer promises to pay out a stipulated income 
or a varying income stream for a period of time.
    (2) Insurance company. (i) Except as provided in paragraph 
(a)(2)(ii) of this section, the term ``insurance company'' means any 
person engaged within the United States as a business in:
    (A) The issuing, underwriting, or reinsuring of a life insurance 
policy;
    (B) The issuing, granting, purchasing, or disposing of any annuity 
contract; or
    (C) The issuing, underwriting, or reinsuring of any insurance 
product with investment features similar to those of a life insurance 
policy or an annuity contract, or which can be used to store value and 
transfer that value to another person.
    (ii) An insurance company shall not mean an agent or broker of any 
business described in paragraph (a)(2)(i) of this section.
    (3) Life insurance policy means an agreement whereby the insurer is 
obligated to indemnify or to confer a benefit upon the insured or 
beneficiary to the agreement contingent upon the death of the insured, 
including any investment component of the policy.
    (4) United States has the same meaning as provided in Sec.  
103.11(nn).
    (b) Anti-money laundering program requirements for insurance 
companies. Each insurance company, as defined by paragraph (a)(2) of 
this section, shall develop and implement a written anti-money 
laundering program reasonably designed to prevent the insurance company 
from being used to facilitate money laundering or the financing of 
terrorist activities. The program must be approved by senior 
management. An insurance company shall make its anti-money laundering 
program available to the Department of the Treasury or its designee 
upon request.
    (c) Minimum requirements. At a minimum, the program required by 
paragraph (b) of this section shall:
    (1) Incorporate policies, procedures, and internal controls based 
upon the insurance company's assessment of the money laundering and 
terrorist financing risks associated with its products, customers, 
distribution channels, and geographic locations. For purposes of making 
the risk assessment required by this paragraph (c)(1), an insurance 
company shall consider all relevant information. Policies, procedures, 
and internal controls developed and implemented by an insurance company 
under this section shall include provisions for complying with the 
requirements of subchapter II of chapter 53 of title 31, United States 
Code and this part, and must ensure that the insurance company obtains 
all the information necessary to make its anti-money laundering program 
effective.
    (2) Designate a compliance officer who will be responsible for 
ensuring that:
    (i) The anti-money laundering program is implemented effectively;
    (ii) The anti-money laundering program is updated as necessary; and
    (iii) Appropriate persons are educated and trained in accordance 
with paragraph (c)(3) of this section.
    (3) Provide for on-going education and training of appropriate 
persons concerning their responsibilities under the program.
    (4) Provide for independent testing to monitor and maintain an 
adequate program. The scope and frequency of the testing shall be 
commensurate with the risks posed by the financial services provided by 
the insurance company. Such testing may be conducted by an officer or 
employee of the insurance company, so long as the tester is not the 
person designated in paragraph (c)(2) of this section.
    (d) Anti-money laundering program requirements for insurance 
companies registered or required to register with the Securities and 
Exchange Commission. An insurance company that is registered or is 
required to register with the Securities and Exchange Commission shall 
be deemed to have satisfied the requirements of this section for those 
activities regulated by the Securities and Exchange Commission to the 
extent that the company complies with the anti-money laundering program 
requirements applicable to such activities that are imposed by the 
Securities and Exchange Commission or by a self-regulatory organization 
registered with the Securities and Exchange Commission.

    Dated: September 18, 2002.
James F. Sloan,
Director, Financial Crimes Enforcement Network.
[FR Doc. 02-24144 Filed 9-25-02; 8:45 am]
BILLING CODE 4810-02-P