[Federal Register Volume 70, Number 212 (Thursday, November 3, 2005)]
[Rules and Regulations]
[Pages 66761-66769]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 05-21918]


-----------------------------------------------------------------------

DEPARTMENT OF THE TREASURY

31 CFR Part 103

RIN 1506-AA36


Financial Crimes Enforcement Network; Amendment to the Bank 
Secrecy Act Regulations--Requirement That Insurance Companies Report 
Suspicious Transactions

AGENCY: Financial Crimes Enforcement Network, Treasury.

ACTION: Final rule.

-----------------------------------------------------------------------

SUMMARY: This document contains an amendment to the regulations 
implementing the statute generally referred to as the Bank Secrecy Act. 
The amendment requires insurance companies to report suspicious 
transactions to the Financial Crimes Enforcement Network. The amendment 
constitutes a further step in the creation of a comprehensive system 
for the reporting of suspicious transactions by the major categories of 
financial institutions operating in the United States.

DATES: Effective Date: December 5, 2005.
    Applicability Date: This rule applies to transactions occurring 
after May 2, 2006. See 31 CFR 103.16(h) of the final rule contained in 
this document.

FOR FURTHER INFORMATION CONTACT: Financial Crimes Enforcement Network, 
Office of Regulatory Programs on (202) 354-6400 (not a toll-free 
number).

SUPPLEMENTARY INFORMATION:

I. Background

A. Statutory Provisions

    The Bank Secrecy Act, Public Law 91-508, as amended, codified at 12 
U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-14, 5316-5332, 
authorizes the Secretary of the Treasury to issue regulations requiring 
financial institutions to keep records and file reports that are 
determined to have a high degree of usefulness in criminal, tax, and 
regulatory matters, or in the conduct of intelligence or counter-
intelligence activities, including analysis, to protect against 
international terrorism, and to implement anti-money laundering 
programs and compliance procedures.\1\ Regulations implementing Title 
II of the Bank Secrecy Act appear at 31 CFR Part 103. The authority of 
the Secretary to administer the Bank Secrecy Act has been delegated to 
the Director of the Financial Crimes Enforcement Network.
---------------------------------------------------------------------------

    \1\ Language expanding the scope of the Bank Secrecy Act to 
intelligence or counter-intelligence activities, including analysis, 
to protect against international terrorism was added by section 358 
of the Uniting and Strengthening America by Providing Appropriate 
Tools Required to Intercept and Obstruct Terrorism Act of 2001 (the 
USA PATRIOT Act), Public Law 107-56.
---------------------------------------------------------------------------

    With the enactment of 31 U.S.C. 5318(g) in 1992,\2\ Congress 
authorized the Secretary of the Treasury to require financial 
institutions to report suspicious transactions. As amended by the USA 
PATRIOT Act, subsection (g)(1) states generally:
---------------------------------------------------------------------------

    \2\ 31 U.S.C. 5318(g) was added to the Bank Secrecy Act by 
section 1517 of the Annunzio-Wylie Anti-Money Laundering Act, Title 
XV of the Housing and Community Development Act of 1992, Public Law 
102-550; it was expanded by section 403 of the Money Laundering 
Suppression Act of 1994 (the Money Laundering Suppression Act), 
Title IV of the Riegle Community Development and Regulatory 
Improvement Act of 1994, Public Law 103-325, to require designation 
of a single government recipient for reports of suspicious 
transactions.

    The Secretary may require any financial institution, and any 
director, officer, employee, or agent of any financial institution, 
to report any suspicious transaction relevant to a possible 
---------------------------------------------------------------------------
violation of law or regulation.

Subsection (g)(2)(A) provides further that:

    [i]f a financial institution or any director, officer, employee, 
or agent of any financial institution, voluntarily or pursuant to 
this section or any other authority, reports a suspicious 
transaction to a government agency--
    (i) The financial institution, director, officer, employee, or 
agent may not notify any person involved in the transaction that the 
transaction has been reported; and
    (ii) No officer or employee of the Federal Government or of any 
State, local, tribal, or territorial government within the United

[[Page 66762]]

States, who has any knowledge that such report was made may disclose 
to any person involved in the transaction that the transaction has 
been reported, other than as necessary to fulfill the official 
duties of such officer or employee.

Subsection (g)(3)(A) provides that neither a financial institution, nor 
any director, officer, employee, or agent of any financial institution:

    That makes a voluntary disclosure of any possible violation of 
law or regulation to a government agency or makes a disclosure 
pursuant to this subsection or any other authority * * * shall * * * 
be liable to any person under any law or regulation of the United 
States, any constitution, law, or regulation of any State or 
political subdivision of any State, or under any contract or other 
legally enforceable agreement (including any arbitration agreement), 
for such disclosure or for any failure to provide notice of such 
disclosure to the person who is the subject of such disclosure or 
any other person identified in the disclosure.

Finally, subsection (g)(4) requires the Secretary of the Treasury, ``to 
the extent practicable and appropriate,'' to designate ``a single 
officer or agency of the United States to whom such reports shall be 
made.'' \3\ The designated agency is in turn responsible for referring 
any report of a suspicious transaction to ``any appropriate law 
enforcement, supervisory agency, or United States intelligence agency 
for use in the conduct of intelligence or counterintelligence 
activities, including analysis, to protect against international 
terrorism.'' Id. at subsection (g)(4)(B).
---------------------------------------------------------------------------

    \3\ This designation does not preclude any supervisory agency 
for any financial institutions from requiring such financial 
institutions to submit other reports to the same agency or another 
agency ``pursuant to any other applicable provision of law.'' 31 
U.S.C. 5318(g)(4)(C).
---------------------------------------------------------------------------

    Published elsewhere in this separate part of the Federal Register 
is a final rule prescribing minimum standards applicable to insurance 
companies regarding the establishment of anti-money laundering programs 
pursuant to section 5318(h) of the Bank Secrecy Act, as amended by 
section 352 of the USA PATRIOT Act. That final rule applies to the same 
universe of insurance companies and covered products as this final 
rule. The requirement to detect and report suspicious activity is an 
integral part of an insurance company's anti-money laundering program.

B. Importance of Suspicious Transaction Reporting

    The Congressional authorization for requiring the reporting of 
suspicious transactions recognizes two basic principles. First, money 
launderers must go to financial institutions, either initially, to 
conceal their unlawful funds, or eventually, to recycle those funds 
back into the economy. Second, the employees and officers of those 
institutions are often more likely than government officials to have a 
sense as to which transactions appear to lack commercial justification 
or that otherwise cannot be explained as constituting a legitimate use 
of the institution's financial products and services.
    The importance of extending suspicious transaction reporting to all 
relevant financial institutions, including non-bank financial 
institutions, relates to the concentrated scrutiny to which banks have 
been subject with respect to money laundering. This attention, combined 
with the cooperation that banks have given to government agencies 
responsible for detecting and investigating money laundering and other 
financial crime, has made it more difficult for criminals to pass large 
amounts of cash directly into the nation's banks unnoticed. As it has 
become increasingly difficult to launder large amounts of cash through 
banks, criminals have turned to non-bank financial institutions, 
including insurance companies in attempts to launder funds. Indeed, 
many non-bank financial institutions have already recognized the 
increased pressure that money launderers have come to place upon their 
operations and the need for innovative programs of training and 
monitoring necessary to counter that pressure.
    The reporting of suspicious activity is recognized in the 
international community as essential to an effective anti-money 
laundering regime. One of the central recommendations of the Financial 
Action Task Force \4\ is that ``[i]f a financial institution suspects 
or has reasonable grounds to suspect that funds are the proceeds of 
criminal activity, or are related to terrorist financing, it should be 
required * * * to report promptly its suspicions * * *.'' Financial 
Action Task Force Forty Recommendations (Recommendation 13). The 
recommendation applies equally to banks and non-bank financial 
institutions, including insurance companies.
---------------------------------------------------------------------------

    \4\ The Financial Action Task Force is an inter-governmental 
body whose purpose is the development and promotion of policies to 
combat money laundering. Originally created by the G-7 nations, its 
membership now includes Argentina, Australia, Austria, Belgium, 
Brazil, Canada, Denmark, Finland, France, Germany, Greece, Hong 
Kong, Iceland, Ireland, Italy, Japan, Luxembourg, Mexico, the 
Kingdom of the Netherlands, New Zealand, Norway, Portugal, Russia, 
Singapore, South Africa, Spain, Sweden, Switzerland, Turkey, the 
United Kingdom, and the United States, as well as the European 
Commission and the Gulf Cooperation Council.
---------------------------------------------------------------------------

    Moreover, on October 31, 2001, the Financial Action Task Force 
issued its Special Recommendations on Terrorist Financing. Special 
Recommendation Four provides that:

    If financial institutions, or other businesses or entities 
subject to anti-money laundering obligations, suspect or have 
reasonable grounds to suspect that funds are linked or related to, 
or are to be used for terrorism, terrorist acts or by terrorist 
organisations, they should be required to report promptly their 
suspicions to the competent authorities.

For purposes of the Financial Action Task Force's Special 
Recommendation Four, the term ``financial institutions'' is intended to 
refer to both banks and non-bank financial institutions including, 
among other non-bank financial institutions, insurance companies.\5\
---------------------------------------------------------------------------

    \5\ See Guidance Notes for the Special Recommendations on 
Terrorist Financing and the Self-Assessment Questionnaire, Special 
Recommendation Four, paragraph 19 (March 27, 2002).
---------------------------------------------------------------------------

C. Insurance Company Regulation and Money Laundering

    This final rule applies only to insurance companies offering 
covered products, as defined in the rule. The limited definition of 
insurance company for purposes of this rule, as well as the final rule 
requiring insurance companies to establish anti-money laundering 
programs, is not intended to limit the kinds of financial institutions 
that may voluntarily report suspicious activity under the protection of 
the safe harbor from liability contained in 31 U.S.C. 5318(g)(3). 
Insurance companies offer a variety of products aimed at transferring 
the financial risk of a certain event, such as personal injury or 
damage to property, from the insured to the insurer. These products 
include life insurance policies, annuity contracts, property and 
casualty insurance policies, and health insurance policies. These 
products are offered through a number of different distribution 
channels. Some insurance companies sell their products through direct 
marketing in which the insurance company sells a policy directly to the 
insured. Other companies employ agents, who may either be captive or 
independent. Captive agents generally represent only one insurance 
company or group of affiliated companies; independent agents may 
represent a variety of insurance carriers. A customer also may employ a 
broker (e.g., a person who searches the marketplace for insurance in 
the interest of the customer

[[Page 66763]]

rather than the insurer) to obtain insurance.
    This final rule focuses on those insurance products possessing 
features that make them susceptible to being used for money laundering 
or the financing of terrorism. For example, life insurance policies 
that have a cash surrender value are potential money laundering 
vehicles. Cash value can be redeemed by a money launderer or can be 
used as a source of further investment of tainted funds--for example, 
by taking out loans against such cash value. Similarly, annuity 
contracts also pose a money laundering risk because they allow a money 
launderer to exchange illicit funds for an immediate or deferred income 
stream or to purchase a deferred annuity and obtain clean funds upon 
redemption.\6\ These risks do not exist to the same degree in term life 
insurance products, group life insurance products, group annuities, or 
in insurance products offered by property and casualty insurers or by 
title or health insurers.
---------------------------------------------------------------------------

    \6\ For an example of money laundering involving the fraudulent 
conversion of money in an insurance premium trust account, see U.S. 
v. Boscarino, Aulenta, and Mangurten, No. 02 CR 0086 (N.D. Ill. ED 
2002) (Superseding Indictment).
---------------------------------------------------------------------------

    A 2002 federal grand jury indictment illustrates the money 
laundering risks associated with insurance products and the 
corresponding need for vigilance in the insurance industry.\7\ That 
indictment charged five Colombian nationals with conspiring to launder 
millions of dollars originating from the illicit sale of cocaine. The 
scheme involved the purchase and subsequent redemption of life 
insurance policies.
---------------------------------------------------------------------------

    \7\ United States of America v. Rodrigo Jose Murillo, Alexander 
Murillo, Jaime Eduardo Rey Albornoz, Arturo Delgado, and Esperanza 
Romero, Mag. Docket No. 02 CR 21007 (S.D. FL. 2002) (Grand Jury 
Indictment).
---------------------------------------------------------------------------

    According to court documents and interviews related to that 
indictment, federal law enforcement officials have discovered that 
Colombian drug cartels bought life insurance policies in continental 
Europe, the United Kingdom, and in smaller jurisdictions such as the 
Isle of Man, to launder the proceeds of drug trafficking. Using 
narcotics proceeds from the United States and Mexico, the traffickers 
purchased 250 life insurance policies in the Isle of Man alone. The 
insurance policies, worth as much as $1.9 million each, were sometimes 
taken out in the names of cartel associates and members of their 
families. The traffickers would typically cash out all or part of the 
Isle of Man policies prematurely, in some cases after only a year, 
paying penalties of 25 percent or more. The penalties, however, merely 
represented a ``business cost'' of using the insurance policies to 
launder the illicit narcotics proceeds. Thus far, federal law 
enforcement officials have seized more than $9.5 million in Florida in 
connection with the investigation. If the insurance companies in the 
relevant jurisdictions had been subject to anti-money laundering 
controls, they might have detected the money laundering scheme because 
the policyholders were authorizing unrelated third parties to withdraw 
money from the cash value of their policies or were frequently cashing 
out their policies early.
    A review of Suspicious Activity Reports filed with the Financial 
Crimes Enforcement Network also reveals instances in which financial 
institutions have reported the suspected use of insurance products for 
the purpose of laundering the proceeds of criminal activity. During the 
past five years, a number of Suspicious Activity Reports were filed 
that reference the use of an insurance product in suspected money 
laundering activity. For example, several reports describe as 
suspicious the large, lump-sum purchase of annuity contracts, followed 
almost immediately by several withdrawals of those funds. In some 
cases, the entire balance of the annuity contract was withdrawn shortly 
after the purchase of the contract. Other reports detail suspicious 
loans taken out against an annuity contract and life insurance premiums 
being paid by unrelated third parties.

II. Notice of Proposed Rulemaking

    On October 17, 2002, we published a notice of proposed rulemaking, 
67 FR 64067, that would extend the requirement to report suspicious 
transactions to insurance companies. The comment period for the 
proposed rule ended on December 16, 2002. We received over 50 comments 
from insurance companies and agents, banks, trade associations, 
attorneys, and a government agency addressing issues raised by either 
the proposed rule, or by the related proposed rule, 67 FR 60625 
(September 26, 2002), that would require insurance companies to 
establish anti-money laundering programs.

III. Summary of Comments

    Most of the comments focused on the following matters: (1) The 
potential application of a suspicious transaction reporting requirement 
to agents and brokers of insurance companies, rather than just their 
insurance company principals; and (2) the appropriate scope of the 
products that cause an entity to be considered an insurance company for 
purposes of the rule. These comments are discussed below. Other 
significant comments are discussed in the section-by-section analysis.

A. Treatment of Agents and Brokers

    The proposed rule posited that an insurance company, but not its 
agents or brokers, should be required to report suspicious 
transactions. Under the proposed rule, an insurance company would be 
responsible for obtaining customer information from all relevant 
sources, including from its agents and brokers, necessary to properly 
report suspicious activity involving the purchase of any of its covered 
products. We specifically sought comments on whether an insurance 
company's agents and brokers should be subject to a separate obligation 
to report suspicious transactions. Commenters were almost evenly 
divided on this issue. Several agreed with the approach taken in the 
proposed rule, stating that the benefit of requiring tens of thousands 
of insurance agents and brokers to independently report suspicious 
transactions would be outweighed by the costs. Other commenters 
disagreed, arguing that a direct obligation is necessary because 
insurance companies lack sufficient control over their distribution 
channels to ensure the adequate reporting of suspicious customer 
activity.
    After careful consideration of all the views expressed, we are 
adopting the approach set forth in the proposed rule. Under the terms 
of the final rule, the obligation to identify and report suspicious 
transactions applies only to an insurance company, and not its agents 
or brokers.\8\ Nevertheless, because insurance agents and brokers are 
an integral part of the insurance industry due to their direct contact 
with customers, the final rule requires an insurance company to 
establish and implement policies and procedures reasonably designed to 
obtain customer information necessary to detect suspicious activity 
from all relevant sources, including from its agents and brokers, and 
to report suspicious activity based on such information.
---------------------------------------------------------------------------

    \8\ Certain insurance agents may be required under separate 
rules to report suspicious transactions. See infra note 14.
---------------------------------------------------------------------------

    The final rule imposes a direct obligation only on insurance 
companies, and not their agents or brokers, for a number of reasons. 
First, whether an insurance company sells its products directly or 
through agents, we believe that it is appropriate to place on the 
insurance company, which develops and bears the risks of its products, 
the responsibility for guarding against such

[[Page 66764]]

products being used to launder illegally derived funds or to finance 
terrorist acts. Second, insurance companies, due to their much larger 
size relative to that of their numerous agents and brokers, are in a 
much better position to shoulder the costs of compliance connected with 
the sale of their products.\9\ Finally, numerous insurers already have 
in place compliance programs and best practices guidelines for their 
agents and brokers to prevent and detect fraud. We believe that 
insurance companies largely will be able integrate their obligation to 
report suspicious transactions into their existing compliance programs 
and best practices guidelines.
---------------------------------------------------------------------------

    \9\ Although some agents work within large structures, only a 
small fraction of agencies employ more than a handful of people. 
According to one commenter, there are ``independent agents who 
operate on their own or in offices with just a few of their 
independent agent colleagues and thus comprise the quintessential 
notion of a small business operation.'' Letter from the American 
Council of Life Insurers, Nov. 25, 2002, at 4.
---------------------------------------------------------------------------

    Insurance agents and brokers will play an important role in the 
effective operation of an insurance company's obligation to report 
suspicious transactions. By not placing an independent reporting 
obligation on agents and brokers, we do not intend to minimize their 
role and also intend to assess the effectiveness of the rule on an 
ongoing basis. If it appears that the effectiveness of the rule is 
being undermined by the failure of agents and brokers to cooperate with 
their insurance company principals, we will consider proposing 
appropriate amendments to the rule. We also expect that an insurance 
company faced with a non-compliant agent or broker will take the 
necessary actions to secure such compliance, including, when 
appropriate, terminating its business relationship with such an agent 
or broker.

B. Covered Products

    Under the proposed rule, the issuing, underwriting, or reinsuring 
of a life insurance policy, an annuity product, or any product with 
investment or cash value features, would have caused an insurance 
company to fall within the scope of the rule. A company that offered 
exclusively other kinds of insurance products, such as a property and 
casualty insurance policy, would not have been required to report 
suspicious transactions. The overwhelming majority of commenters agreed 
with the distinction that we made between higher-risk and lower-risk 
insurance products.\10\ Some of those commenters requested that we take 
the additional step of further excluding other kinds of insurance 
contracts and products relating to life insurance and annuities, such 
as reinsurance, group life insurance policies, group annuities, and 
term life insurance policies.
---------------------------------------------------------------------------

    \10\ See, e.g., Joint Letter from the Independent Insurance 
Agents and Brokers of America and the National Association of 
Professional Insurance Agents, Nov. 25, 2002, at 1 (``This 
distinction [between life insurance and property and casualty 
insurance] is legitimate and provides relief from the administrative 
and regulatory burdens of the proposed rule for the segments of the 
insurance industry that are at very low risk of money 
laundering.'').
---------------------------------------------------------------------------

    We, not having been informed or otherwise having learned of 
examples proving otherwise, agree that some of these contracts and 
products pose little or no risk of being used for money laundering. For 
example, reinsurance and retrocession contracts and treaties are 
arrangements between insurance companies by which they reallocate risks 
within the insurance industry and do not involve transactions with 
customers. Similarly, group life insurance policies and group annuities 
are typically issued to a company, financial institution, or 
association, and generally do not allow an individual insured or 
participant to manipulate their investment. These products pose low 
money laundering risks. Consequently, the final rule does not include 
in its coverage reinsurance or retrocession contracts or treaties, 
group life insurance, or group annuities.
    After careful consideration of the comments, we also have decided 
not to cover term life (which includes credit life) insurance policies 
at this time. Given the operating characteristics of these products--
e.g., the absence of a cash surrender value and the underwriting 
scrutiny given to term policies, especially those with large face 
amounts--we believe that it would be impractical to launder money 
through term life insurance policies, and that the corresponding money 
laundering risks associated with such products are not significant. 
Nevertheless, as with all new exclusions, we will reconsider this 
position if circumstances warrant.

IV. Section-by-Section Analysis

A. 103.16(a)--Definitions

    Section 103.16(a) defines the key terms used in the final rule. In 
response to comments seeking clarification of certain terms used in the 
proposed rule, the final rule includes definitions of the terms 
``annuity contract,'' ``bank,'' ``broker-dealer in securities,'' 
``covered product,'' ``group annuity contract,'' ``group life insurance 
policy,'' ``insurance agent,'' ``insurance broker,'' and ``permanent 
life insurance policy.''
    The final rule defines an annuity contract as ``any agreement 
between the insurer and the contract owner whereby the insurer promises 
to pay out a fixed or variable income stream for a period of time.'' 
For purposes of the rule, contracts of indemnity, as well as workers 
compensation insurance and structured settlements, are not annuity 
contracts.
    The definition of an insurance company reflects our determination 
that a suspicious activity reporting requirement should be imposed only 
on those sectors of the insurance industry that offer products that 
pose a significant risk of money laundering or terrorist financing. 
Thus, an ``insurance company'' includes any person engaged within the 
United States as a business in the issuing or underwriting of a covered 
product. The term ``as a business'' is intended to exclude those 
persons that offer annuities or another covered product as an 
incidental part of their non-insurance business.\11\ At this time, we 
believe that such persons present a much lower risk of being used for 
money laundering or terrorist financing than those persons that offer a 
covered product as an integral part of their business. We leave open 
the possibility of revisiting this issue in a future rulemaking if 
circumstances warrant.
---------------------------------------------------------------------------

    \11\ For example, a tax-exempt organization that offers 
charitable gift annuities (as defined in section 501(m)(5) of the 
Internal Revenue Code) as a vehicle for planned charitable giving to 
the tax-exempt organization, and that would not otherwise fall 
within the definition of an insurance company, generally would not 
be considered an insurance company under the final rule.
---------------------------------------------------------------------------

    There is an explicit exception to the definition of an insurance 
company. That exception clarifies that insurance agents and insurance 
brokers are not required under the final rule to report suspicious 
transactions. However, as explained below, an insurance company is 
responsible for obtaining customer information from all relevant 
sources, including its agents and brokers, necessary for the purpose of 
detecting and reporting suspicious transactions. In addition, the 
definition of an insurance company refers only to the business of 
issuing or underwriting certain kinds of insurance products and, 
therefore, does not cover the reinsuring or retrocession of insurance 
products.
    The term ``covered product'' is defined to mean: (i) A permanent 
life insurance policy, other than a group life insurance policy; (ii) 
any annuity contract, other than a group annuity contract; and (iii) 
any other insurance product with features of cash value or investment. 
Permanent life insurance

[[Page 66765]]

and annuity products are all covered by the definition of a covered 
product, with the exception of group life insurance and group 
annuities. The definition also incorporates a functional approach, and 
encompasses any insurance product having the same kinds of features 
that make permanent life insurance and annuity products more at risk of 
being used for money laundering. To the extent that term life 
insurance, property and casualty insurance, health insurance, and other 
kinds of insurance do not exhibit these features, they are not products 
covered by the rule.

B. 103.16(b)--General

    Section 103.16(b) contains the rules setting forth the obligation 
of insurance companies to report suspicious transactions that are 
conducted or attempted by, at, or through an insurance company and 
involve or aggregate at least $5,000 in funds or other assets. This 
threshold amount is not limited to insurance policies whose premiums 
meet or exceed $5,000; but rather, includes a policy in which either 
the premium or maximum potential payout meets the threshold. It is 
important to recognize that transactions are reportable under this rule 
and 31 U.S.C. 5318(g) whether or not they involve currency.\12\
---------------------------------------------------------------------------

    \12\ Many currency transactions are not indicative of money 
laundering or other violations of law, a fact recognized both by 
Congress, in authorizing reform of the currency transaction 
reporting system, and by FinCEN in issuing rules to implement that 
system (See 31 U.S.C. 5313(d) and 31 CFR 103.22(d), 63 FR 50147 
(September 21, 1998)). But many non-currency transactions, (for 
example, funds transfers) can indicate illicit activity, especially 
in light of the breadth of the statutes that make money laundering a 
crime. See 18 U.S.C. 1956 and 1957.
---------------------------------------------------------------------------

    Section 103.16(b)(1) contains the general statement of the 
obligation to file reports of suspicious transactions. The obligation 
extends to transactions involving a covered product conducted or 
attempted by, at, or through the insurance company. The phrase 
``involving a covered product'' was added to the final rule to clarify 
that the reporting requirement extends only to transactions involving 
those products that we have determined pose a significant risk of money 
laundering. The second sentence of this section is designed to 
encourage the reporting of transactions that appear relevant to 
violations of law or regulation, even in cases in which the rule does 
not explicitly so require, for example in the case of a suspicious 
transaction falling below the $5,000 threshold in the rule.
    Section 103.16(b)(2) specifically describes the four categories of 
transactions that require reporting. An insurance company is required 
to report a transaction if it knows, suspects, or has reason to suspect 
that the transaction (or a pattern of transactions of which the 
transaction is a part): (i) Involves funds derived from illegal 
activity or is intended or conducted to hide or disguise funds or 
assets derived from illegal activity; (ii) is designed, whether through 
structuring or other means, to evade the requirements of the Bank 
Secrecy Act; (iii) has no business or apparent lawful purpose, and the 
insurance company knows of no reasonable explanation for the 
transaction after examining the available facts; or (iv) involves the 
use of the insurance company to facilitate criminal activity. The final 
category of reportable transactions is intended to ensure that 
transactions involving legally-derived funds that the insurance company 
suspects are being used for a criminal purpose, such as terrorist 
financing, are reported under the rule.\13\
---------------------------------------------------------------------------

    \13\ The fourth reporting category has been added to the 
suspicious activity reporting rules promulgated since the passage of 
the USA PATRIOT Act to make it clear that the requirement to report 
suspicious activity encompasses the reporting of transactions in 
which legally-derived funds are used for criminal activity, such as 
the financing of terrorism.
---------------------------------------------------------------------------

    A determination as to whether a report should be filed must be 
based on all the facts and circumstances relating to the transaction 
and customer (e.g., purchaser). Different fact patterns will require 
different judgments. Some examples of ``red flags'' associated with 
existing or potential customers include, but are not limited to, the 
following:
     The purchase of an insurance product that appears to be 
inconsistent with a customer's needs;
     Any unusual method of payment, particularly by cash or 
cash equivalents (when such method is, in fact, unusual);
     The purchase of an insurance product with monetary 
instruments in structured amounts;
     The early termination of an insurance product, especially 
at a cost to the customer, or where cash was tendered and/or the refund 
check is directed to an apparently unrelated third party;
     The transfer of the benefit of an insurance product to an 
apparently unrelated third party;
     Little or no concern by a customer for the investment 
performance of an insurance product, but much concern about the early 
termination features of the product;
     The reluctance by a customer to provide identifying 
information when purchasing an insurance product, or the provision of 
minimal or seemingly fictitious information; and
     The borrowing of the maximum amount available soon after 
purchasing the product.
    The techniques of money laundering are continually evolving, and 
there is no way to provide an exhaustive list of suspicious 
transactions.
    Section 103.16(b)(3) provides that an insurance company is 
responsible for reporting suspicious transactions conducted through its 
insurance agents and insurance brokers. Suspicious activity that occurs 
at the time of sale of the covered product is most likely to be 
observed by the agent or broker, while suspicious activity that occurs 
following the issuance of a policy and during the ongoing 
administration of the product would most likely be observed by the 
insurance company.
    Insurance agents and insurance brokers are not independently 
required to report suspicious transactions under the final rule. 
Accordingly, section 103.16(b)(3) also states that an insurance company 
shall have procedures in place reasonably designed to obtain customer-
related information (which includes observations and assessments) from 
its insurance agents and insurance brokers necessary to detect 
suspicious activity, and is responsible for reporting suspicious 
activity based on such information. The specific means to obtain such 
information are left to the discretion of the insurance company, 
although we anticipate that the insurance company may need to amend 
existing agreements with its agents and brokers to ensure that the 
company receives necessary customer information.
    Section 103.16(b)(3) acknowledges that certain insurance agents and 
insurance brokers, such as broker-dealers in securities with respect to 
the sale of variable insurance products, may have a separate obligation 
to report suspicious activity under another Bank Secrecy Act 
regulation.\14\ In those instances, the filing of a joint suspicious 
activity report is permissible. In all such joint filings, only one of 
the filing institutions should be identified as the ``filer'' in the 
filer identification section of the form. The narrative of the 
Suspicious Activity Report must include the words ``joint filing'' and 
must identify the other financial institution or institutions on whose 
behalf the report is being filed. As set forth in section 103.16(e), an 
insurance company must keep a copy of any joint Suspicious Activity 
Report filed. To

[[Page 66766]]

avoid the filing of duplicative reports on the same suspicious 
transaction or transactions, all insurance companies, insurance agents, 
insurance brokers, and other financial institutions involved in the 
same suspicious transaction may share information with one another 
pertaining to that transaction, so long as such sharing does not notify 
the subject of the transaction that the transaction has been reported. 
Conforming language has been added to the retention and confidentiality 
provisions set forth at sections 103.16(e) and (f).
---------------------------------------------------------------------------

    \14\ Variable insurance products that are deemed securities 
under the Securities Exchange Act of 1934 must be sold by registered 
broker-dealers, which are themselves subject to a suspicious 
activity reporting obligation. See 31 CFR 103.19.
---------------------------------------------------------------------------

    In addition, some insurance companies issue variable insurance 
products funded by separate accounts, some of which meet the definition 
of a mutual fund,\15\ and therefore may be obligated to report 
suspicious activities relating to those products under any final rule 
that may be adopted requiring mutual funds to report suspicious 
activity. To avoid a duplicate filing requirement, we intend to amend 
this rule to require filing in such cases under the rule for mutual 
funds when a final rule is adopted.
---------------------------------------------------------------------------

    \15\ See 31 CFR 103.130(a) (anti-money laundering program 
requirement for mutual funds).
---------------------------------------------------------------------------

    In order to evaluate customer activity and relationships for money 
laundering and terrorism risks, we expect that insurance companies will 
incorporate into their anti-money laundering programs a suspicious 
transaction monitoring program that is appropriate for the particular 
insurance company and its covered products in light of such risks. The 
design and implementation of such a program, rather than isolated 
instances of failing to report suspicious transactions, will be more 
important when assessing an insurance company's compliance with the 
requirements of the rule.

C. 103.16(c)--Filing Procedures

    Section 103.16(c) sets forth the filing procedures to be followed 
by insurance companies making reports of suspicious transactions. 
Within 30 days after an insurance company becomes aware of a reportable 
suspicious transaction, the business must report the transaction by 
completing a Suspicious Activity Report by Insurance Companies (SAR-IC) 
and filing it in a central location to be determined by the Financial 
Crimes Enforcement Network. The SAR-IC will resemble the Suspicious 
Activity Report forms used by depository institutions to report 
suspicious transactions, and a draft form will be made available for 
comment in accordance with the requirements of the Paperwork Reduction 
Act (44 U.S.C. 3501 et seq.) and the Office of Management and Budget's 
implementing regulations (5 CFR part 1320).\16\
---------------------------------------------------------------------------

    \16\ The only Bank Secrecy Act regulatory requirement currently 
applicable to insurance companies is the obligation to report on 
Form 8300 the receipt of cash or certain non-cash instruments 
totaling more than $10,000 in one transaction or in two or more 
related transactions. We understand that many insurance companies 
have used the Form 8300 to voluntarily report suspicious 
transactions. Once the SAR-IC becomes effective, insurance companies 
should use the SAR-IC, rather than the Form 8300, to report 
suspicious transactions. In the interim, insurance companies may use 
the Suspicious Activity Report by Securities and Futures Industries 
form.
---------------------------------------------------------------------------

    Supporting documentation relating to each SAR-IC is to be collected 
and maintained separately by the insurance company and made available 
to appropriate law enforcement and supervisory agencies upon request. 
Special provision is made for situations requiring immediate attention, 
in which case insurance companies are to telephone the appropriate law 
enforcement authority in addition to filing a SAR-IC.

D. 103.16(d)--Exception

    Section 103.16(d) provides an exception to the reporting 
requirement for false information submitted to the insurance company to 
obtain a policy or support a claim. Language has been added to the 
final rule to make clear that an insurance company is not required to 
report instances of suspected insurance fraud unless the company has 
reason to believe that the false or fraudulent submission of 
information relates to money laundering or terrorist financing. For 
example, we do not expect an insurance company to report the submission 
of false medical records by a customer seeking life insurance coverage 
unless the company has a reason to believe that the purchase of the 
covered product is related to money laundering or terrorist financing. 
Some of the fact patterns that are associated with potential money 
laundering or terrorist financing are described above.

E. 103.16(e)--Retention of Records

    Section 103.16(e) provides that insurance companies must maintain 
copies of SAR-ICs and the original or business record equivalent of any 
supporting documentation for a period of five years from the date of 
filing. This provision has been modified to require an insurance 
company to retain copies of reports (and supporting documentation) 
provided to it by its agents that are required to make reports by 
another provision in 31 CFR part 103 when the agents and the company 
file a joint report regarding a transaction involving both entities. As 
indicated above, all supporting documentation is to be made available 
to the Financial Crimes Enforcement Network and other appropriate law 
enforcement and supervisory authorities, on request.

F. 103.16(f)--Confidentiality of Reports; Limitation on Liability

    Section 103.16(f) reflects the statutory prohibition against the 
disclosure of information filed in, or the fact of filing, a Suspicious 
Activity Report (whether the report is required by the final rule or is 
filed voluntarily). See 31 U.S.C. 5318(g)(2). Thus, the paragraph 
specifically prohibits insurance companies filing SAR-ICs (or receiving 
a copy of filed joint Suspicious Activity Reports from another 
financial institution involved in the same transaction) from making any 
disclosure of a Suspicious Activity Report or the information contained 
therein, except to appropriate law enforcement and supervisory 
agencies. As amended by the USA PATRIOT Act, 31 U.S.C. 5318(g)(3) 
provides a safe harbor from liability to any financial institution that 
makes a voluntary disclosure of any possible violation of law or 
regulation to a government agency and to any financial institution that 
reports suspicious activity pursuant to section 5318(g) or pursuant to 
any other authority. Section 5318(g)(3) further provides protection 
from liability for the non-disclosure of the fact of such reporting. 
Section 103.16(f) does not prohibit insurance companies from obtaining 
customer information from its agents and brokers necessary to detect 
and report suspicious activity, as required by section 103.16(b)(3). 
This section also does not prohibit insurance companies from discussing 
with their agents and brokers, for purposes of section 103.16(b)(3), 
information pertaining to a suspicious transaction with which each 
institution is involved, and the determination of which institution 
will file the Suspicious Activity Report in such a case.

G. 103.16(g)--Compliance

    Section 103.16(g) states that compliance with the obligation to 
report suspicious transactions will be examined, and failure to comply 
with the rule may constitute a violation of the Bank Secrecy Act and 
its implementing regulations.

H. 103.16(h)--Insurance Companies That Are Registered Broker-Dealers in 
Securities.

    The proposed rule provided in section 103.16(i) that an insurance 
company that is registered or required to register with the Securities 
and Exchange Commission shall be deemed to have

[[Page 66767]]

satisfied the requirements of this section for those activities 
regulated by the Securities and Exchange Commission, to the extent that 
the company complies with the reporting requirements applicable to such 
activities that are imposed under section 103.19. \17\ The purpose of 
this provision is to provide that an insurance company that is also 
registered with the Securities and Exchange Commission as a broker-
dealer in securities, and is therefore required to report suspicious 
activities under section 103.19, would not be subject to duplicate 
reporting requirements under this final rule as well.\18\ To the extent 
that any such insurance company would be required to report suspicious 
activities under this final rule that would not be reportable under 
section 103.19, it would be required to report under this final rule. 
The provision has been retained in the final rule with non-substantive 
changes.
---------------------------------------------------------------------------

    \17\ 17 We are aware of only one such insurance company, 
although there may be others.
    \18\ This is to be distinguished from a broker-dealer in 
securities acting as agent for an insurance company reporting under 
section 103.19, where a joint Suspicious Activity Report is 
permissible under subsection (b)(3)(ii) of the final rule.
---------------------------------------------------------------------------

I. 103.16(i)--Applicability Date

    Section 103.16(i) provides that the new suspicious activity 
reporting rule applies to transactions occurring after May 2, 2006.

V. Executive Order 12866

    This final rule is not a significant regulatory action for purposes 
of Executive Order 12866. Accordingly, a regulatory impact analysis is 
not required.

VI. Regulatory Flexibility Act

    It is hereby certified, pursuant to the Regulatory Flexibility Act 
(5 U.S.C. 601 et seq.), that this final rule is not likely to have a 
significant economic impact on a substantial number of small entities. 
The Bank Secrecy Act anticipates that we will require financial 
institutions to report suspicious activities. Moreover, the final rule 
requires insurance companies, rather than their agents or brokers, to 
file reports of suspicious transactions, and most insurance companies 
are larger businesses. In addition, all insurance companies, in order 
to remain viable, have in place policies and procedures to prevent and 
detect fraud. Such anti-fraud measures should assist insurance 
companies in reporting suspicious transactions. We anticipate that 
insurance companies will be readily able to incorporate the suspicious 
reporting requirements of this rule into those anti-fraud measures. In 
addition, the costs associated with suspicious activity reporting will 
be commensurate with the size of an insurance company. If a company is 
small, the burden of complying with the final rule should be 
correspondingly small.
    Consistent with the principles of the Regulatory Flexibility Act, 
we considered exempting small insurance companies from some or all of 
the requirements of the final rule. We do not believe that such an 
exemption is appropriate, given that money laundering can also be 
conducted through small insurance companies.

VII. Paperwork Reduction Act

    The collection of information contained in the final rule has been 
approved by the Office of Management and Budget in accordance with the 
Paperwork Reduction Act of 1995 (44 U.S.C. 3507(d)), and assigned 
Office of Management and Budget Control Number 1506-0029. An agency may 
not conduct or sponsor, and a person is not required to respond to, a 
collection of information unless it displays a valid control number 
assigned by the Office of Management and Budget.
    The only requirement in the final rule that is subject to the 
Paperwork Reduction Act is the recordkeeping requirement in section 
103.16(e). The estimated annual average burden associated with this 
collection of information is three hours per recordkeeper. We received 
no comments concerning this burden estimate.
    Comments concerning the accuracy of this recordkeeping burden 
estimate and suggestions for reducing this burden should be sent 
(preferably by fax on 202-395-6974) to Desk Officer for the Department 
of the Treasury, Office of Information and Regulatory Affairs, Office 
of Management and Budget, Washington, DC 20503 (or by the Internet to 
[email protected]), with a copy by paper mail to Financial Crimes 
Enforcement Network, P.O. Box 39, Vienna, VA 22183, ``ATTN: Insurance 
Company SAR Regulation'' or by electronic mail to 
[email protected] with the caption ``ATTN: Insurance Company 
SAR Regulation'' in the body of the text.

List of Subjects in 31 CFR Part 103

    Administrative practice and procedure, Authority delegations 
(Government agencies), Insurance companies, Currency, Investigations, 
Law Enforcement, Reporting and recordkeeping requirements.

Authority and Issuance

0
For the reasons set forth in the preamble, part 103 of title 31 of the 
Code of Federal Regulations is amended as follows:

PART 103--FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND 
FINANCIAL TRANSACTIONS

0
1. The authority citation for part 103 continues to read as follows:

    Authority: 12 U.S.C. 1829b and 1951-1959; 31 U.S.C. 5311-5314, 
5316-5332; title III, sec. 314, Pub. L. 107-56, 115 Stat. 307.


0
2. Subpart B of part 103 is amended by adding new Sec.  103.16 to read 
as follows:


Sec.  103.16  Reports by insurance companies of suspicious 
transactions.

    (a) Definitions. For purposes of this section:
    (1) Annuity contract means any agreement between the insurer and 
the contract owner whereby the insurer promises to pay out a fixed or 
variable income stream for a period of time.
    (2) Bank has the same meaning as provided in Sec.  103.11(c).
    (3) Broker-dealer in securities has the same meaning as provided in 
Sec.  103.11(f).
    (4) Covered product means:
    (i) A permanent life insurance policy, other than a group life 
insurance policy;
    (ii) An annuity contract, other than a group annuity contract; or
    (iii) Any other insurance product with features of cash value or 
investment.
    (5) Group annuity contract means a master contract providing 
annuities to a group of persons under a single contract.
    (6) Group life insurance policy means any life insurance policy 
under which a number of persons and their dependents, if appropriate, 
are insured under a single policy.
    (7) Insurance agent means a sales and/or service representative of 
an insurance company. The term ``insurance agent'' encompasses any 
person that sells, markets, distributes, or services an insurance 
company's covered products, including, but not limited to, a person who 
represents only one insurance company, a person who represents more 
than one insurance company, and a bank or broker-dealer in securities 
that sells any covered product of an insurance company.
    (8) Insurance broker means a person who, by acting as the 
customer's representative, arranges and/or services covered products on 
behalf of the customer.

[[Page 66768]]

    (9) Insurance company or insurer. (i) Except as provided in 
paragraph (a)(9)(ii) of this section, the term ``insurance company'' or 
``insurer'' means any person engaged within the United States as a 
business in the issuing or underwriting of any covered product.
    (ii) The term ``insurance company'' or ``insurer'' does not include 
an insurance agent or insurance broker.
    (10) Permanent life insurance policy means an agreement that 
contains a cash value or investment element and that obligates the 
insurer to indemnify or to confer a benefit upon the insured or 
beneficiary to the agreement contingent upon the death of the insured.
    (11) Person has the same meaning as provided in Sec.  103.11(z).
    (12) United States has the same meaning as provided in Sec.  
103.11(nn).
    (b) General. (1) Each insurance company shall file with the 
Financial Crimes Enforcement Network, to the extent and in the manner 
required by this section, a report of any suspicious transaction 
involving a covered product that is relevant to a possible violation of 
law or regulation. An insurance company may also file with the 
Financial Crimes Enforcement Network by using the form specified in 
paragraph (c)(1) of this section or otherwise, a report of any 
suspicious transaction that it believes is relevant to the possible 
violation of any law or regulation but the reporting of which is not 
required by this section.
    (2) A transaction requires reporting under this section if it is 
conducted or attempted by, at, or through an insurance company, and 
involves or aggregates at least $5,000 in funds or other assets, and 
the insurance company knows, suspects, or has reason to suspect that 
the transaction (or a pattern of transactions of which the transaction 
is a part):
    (i) Involves funds derived from illegal activity or is intended or 
conducted in order to hide or disguise funds or assets derived from 
illegal activity (including, without limitation, the ownership, nature, 
source, location, or control of such funds or assets) as part of a plan 
to violate or evade any federal law or regulation or to avoid any 
transaction reporting requirement under federal law or regulation;
    (ii) Is designed, whether through structuring or other means, to 
evade any requirements of this part or of any other regulations 
promulgated under the Bank Secrecy Act, Public Law 91-508, as amended, 
codified at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-
5314; 5316-5332;
    (iii) Has no business or apparent lawful purpose or is not the sort 
in which the particular customer would normally be expected to engage, 
and the insurance company knows of no reasonable explanation for the 
transaction after examining the available facts, including the 
background and possible purpose of the transaction; or
    (iv) Involves use of the insurance company to facilitate criminal 
activity.
    (3) (i) An insurance company is responsible for reporting 
suspicious transactions conducted through its insurance agents and 
insurance brokers. Accordingly, an insurance company shall establish 
and implement policies and procedures reasonably designed to obtain 
customer-related information necessary to detect suspicious activity 
from all relevant sources, including from its insurance agents and 
insurance brokers, and shall report suspicious activity based on such 
information.
    (ii) Certain insurance agents may have a separate obligation to 
report suspicious activity pursuant to other provisions of this part. 
In those instances, no more than one report is required to be filed by 
the financial institutions involved in the transaction, as long as the 
report filed contains all relevant facts, including the names of both 
institutions and the words ``joint filing'' in the narrative section, 
and both institutions maintain a copy of the report filed, along with 
any supporting documentation.
    (c) Filing procedures--(1) What to file. A suspicious transaction 
shall be reported by completing a Suspicious Activity Report by 
Insurance Companies (SAR-IC), and collecting and maintaining supporting 
documentation as required by paragraph (e) of this section.
    (2) Where to file. The SAR-IC shall be filed with the Financial 
Crimes Enforcement Network as indicated in the instructions to the SAR-
IC.
    (3) When to file. A SAR-IC shall be filed no later than 30 calendar 
days after the date of the initial detection by the insurance company 
of facts that may constitute a basis for filing a SAR-IC under this 
section. If no suspect is identified on the date of such initial 
detection, an insurance company may delay filing a SAR-IC for an 
additional 30 calendar days to identify a suspect, but in no case shall 
reporting be delayed more than 60 calendar days after the date of such 
initial detection. In situations that require immediate attention, such 
as terrorist financing or ongoing money laundering schemes, the 
insurance company shall immediately notify by telephone an appropriate 
law enforcement authority in addition to filing timely a SAR-IC. 
Insurance companies wishing voluntarily to report suspicious 
transactions that may relate to terrorist activity may call the 
Financial Crimes Enforcement Network's Financial Institutions Hotline 
at 1-866-556-3974 in addition to filing timely a SAR-IC if required by 
this section.
    (d) Exception. An insurance company is not required to file a SAR-
IC to report the submission to it of false or fraudulent information to 
obtain a policy or make a claim, unless the company has reason to 
believe that the false or fraudulent submission relates to money 
laundering or terrorist financing.
    (e) Retention of records. An insurance company shall maintain a 
copy of any SAR-IC filed and the original or business record equivalent 
of any supporting documentation for a period of five years from the 
date of filing the SAR-IC. Supporting documentation shall be identified 
as such and maintained by the insurance company and shall be deemed to 
have been filed with the SAR-IC. When an insurance company has filed or 
is identified as a filer in a joint Suspicious Activity Report, the 
insurance company shall maintain a copy of such joint report (together 
with copies of any supporting documentation) for a period of five years 
from the date of filing. An insurance company shall make all supporting 
documentation available to the Financial Crimes Enforcement Network and 
any other appropriate law enforcement agencies or supervisory agencies 
upon request.
    (f) Confidentiality of reports; limitation of liability. No 
insurance company, and no director, officer, employee, agent, or broker 
of any insurance company, who reports a suspicious transaction under 
this part (whether such a report is required by this section or made 
voluntarily), may notify any person involved in the transaction that 
the transaction has been reported, except to the extent permitted by 
paragraph (b)(3) of this section. Thus, any insurance company 
subpoenaed or otherwise requested to disclose a SAR-IC or the 
information contained in a SAR-IC (or a copy of a joint Suspicious 
Activity Report filed with another financial institution involved in 
the same transaction, including an insurance agent), except where such 
disclosure is requested by the Financial Crimes Enforcement Network or 
another appropriate law enforcement or supervisory agency, shall 
decline to produce the Suspicious Activity Report or to provide any 
information that would disclose that a Suspicious Activity Report has 
been prepared or

[[Page 66769]]

filed, citing as authority 31 CFR 103.16 and 31 U.S.C. 5318(g)(2), and 
shall notify the Financial Crimes Enforcement Network of any such 
request and its response thereto. An insurance company, and any 
director, officer, employee, agent, or broker of such insurance 
company, that makes a report pursuant to this section, including a 
joint report (whether such report is required by this section or made 
voluntarily) shall be protected from liability for any disclosure 
contained in, or for failure to disclose the fact of, such report, or 
both, to the extent provided by 31 U.S.C. 5318(g)(3).
    (g) Compliance. Compliance with this section shall be examined by 
the Department of the Treasury, through the Financial Crimes 
Enforcement Network or its delegees, under the terms of the Bank 
Secrecy Act. Failure to comply with the requirements of this section 
may constitute a violation of the reporting rules of the Bank Secrecy 
Act and of this part.
    (h) Suspicious transaction reporting requirements for insurance 
companies registered or required to register with the Securities and 
Exchange Commission as broker-dealers in securities. An insurance 
company that is registered or required to register with the Securities 
and Exchange Commission as a broker-dealer in securities shall be 
deemed to have satisfied the requirements of this section for its 
broker-dealer activities to the extent that the company complies with 
the reporting requirements applicable to such activities pursuant to 
Sec.  103.19.
    (i) Applicability date. This section applies to transactions 
occurring after May 2, 2006.

    Dated: October 28, 2005.
William J. Fox,
Director, Financial Crimes Enforcement Network.
[FR Doc. 05-21918 Filed 11-2-05; 8:45 am]
BILLING CODE 4810-02-P