Compliance Regulatory Overview: USA Patriot Act

This is part five of a seven-part series on IT compliance. In this lesson, we will explore the USA Patriot Act: who it affects, what not complying could mean to your organization, and best practices for complying.

Lesson 5 of 7

The USA Patriot Act (Uniting and Strengthening America by
Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of
2001) extends law enforcement’s surveillance and investigative powers. It also,
for the first time, makes businesses responsible for seeking, detecting, and
reporting computer trespasses. Banks in particular are expected to identify,
discover, gather, amass, investigate, and report on financial activity to a far
greater degree and depth than ever before was expected of them.

One provision of the USA Patriot Act requires financial
services companies to develop improved capabilities to identify customers and
flag suspicious transactions. Here’s how businesses hope software
can help them meet reporting requirements.

Weekly tips in your inbox

For weekly information on a variety of subjects related to IT compliance, including regulations outlined by Sarbanes-Oxley, HIPAA, and e-mail, sign up for TechRepublic’s free Compliance Issues newsletter.

Automatically sign up today!

The National Association of Criminal Defense Lawyers (NACDL)
summarized the provisions in the USA Patriot Act under these categories:

Surveillance
Money
Laundering and Forfeiture
Immigration
Terrorists
and Terrorism

For details, see the NACDL Summary of USA Patriot Act.

The USA Patriot Act has not been without critics. For
instance, this report from National Public Radio looks at Alleged Abuses
of the Law.

For a comprehensive list of USA Patriot Act resources,
including free downloads, see page two.

USA Patriot Act resources

EPIC
USA Patriot Act page
Get a host of information about the USA Patriot Act on the Electronic
Privacy Information Center’s Web site. From the latest news to an overview
on the act, this resource page will help you gain a wealth of knowledge.
House
Passes USA Patriot Act Extension
Because of the recent terrorist attacks in London, the House of
Representatives voted on June 21, 2005 to extend parts of the USA Patriot
Act that are due to expire at the end of 2005, which would make permanent
14 of the 16 expiring Patriot Act provisions. For more details, listen to
this report from National Public Radio.
The USA Patriot
Act
This article from the Defending America Web site describes the sections of
the USA Patriot Act and what they mean to IT administrators.
The USA
Patriot Act: Alleged Abuses of the Law
In this article from the National Public Radio’s Web site, the American Civil
Liberties Union (ACLU) criticizes the Patriot Act for its invasion of
privacy.
Businesses
hope software can help them meet reporting requirements of the Patriot Act
One provision of the USA Patriot Act requires financial services companies
to develop improved capabilities to identify customers and flag suspicious
transactions. Find out how software offerings may help enterprises stay in
compliance.
USA
Patriot Act free compliance guide
Sign up for this free guide from Innovative Systems that will help you
comply with suspect screening, identify verification, and reporting
requirements of the USA Patriot Act.
NACDL Summary of USA Patriot Act
Read this summary of the USA Patriot, as provided by the National
Association of Criminal Defense Lawyers.
Software
exec IDs seven elements of federal privacy, security, and disclosure
compliance
Every CIO and CTO pondering how to get their company into compliance with
the dizzying array of federal privacy, security, and disclosure
legislation will tell you these federal laws are vague and ambiguously
written. Here is a sample of what is out there, including the Patriot Act.
Microsoft
to add ‘black box’ to Windows
Microsoft has announced its plans to add the equivalent of a flight data
recorder to PCs. In the lively article discussion, TechRepublic member apotheon discusses the social,
political, and philosophical aspects of the USA Patriot Act.
National Venture Capital
Association: Guidance for compliance with the USA Patriot Act
The USA Patriot Act requires, according to officials at the U.S. Department
of Treasury, venture capital funds, and consequently, venture capital
firms that manage them, to comply with federal anti-money laundering (AML)
laws. Learn more about complying with the USA Patriot Act on the National
Venture Capital Association’s Web site.
Basic facts about money laundering
This document from the Financial Action Task Force on money laundering explains
what money laundering is, what effect it has, and the Forty
Recommendations for action against money laundering.
Interagency
CIP Guidance Issued
This article by Sue Burt, Senior Attorney – Bankers Systems Inc., addresses
a few of the regulatory interpretations of an interagency guidance
released by the federal regulatory agencies in complying with the Customer
Identification Program requirements under Section 326 of the USA Patriot
Act.

White papers

Complying
with confidence
Whether it is Sarbanes-Oxley, Basel II, International Accounting
Standards (IAS), HIPAA, or the USA Patriot Act, integrating information in
support of compliance is not a one-off proposition. Compliance requires
ongoing and constant enforcement. It’s never a matter of simply checking a
box and then moving to another project. Companies typically dedicate one
or two people solely to compliance projects. Read this paper from the
Sarbanes-Oxley Compliance Journal to learn how to effectively handle data
integration and provide visibility.
Managing
e-mail security policy and regulatory compliance requirements
The Sarbanes-Oxley Act, Health Insurance Portability and Accountability
Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the threats highlighted
by the CAN-SPAM and Internet Spyware Prevention Acts have driven major
changes in the systems, processes, and security inside organizations. This paper by Proofpoint addresses both general
and industry-specific business regulations and how they impact an
organization’s e-mail system.
Helping
Clients to Address Their Anti-Money Laundering (AML) Regulatory Compliance
Issues in the Banking Industry
The U.S. Congress ratified the USA PATRIOT Act, which provides more
stringent AML regulations and imposes significantly harsher penalties for
banks and financial institutions in the event of noncompliance. While
regulatory requirements are the primary drivers for AML compliance, the
potential loss of a bank’s reputation acts as a compelling secondary
concern. Read this paper from IBM, which provides key elements for an effective
AML solution.

Vendors

Sybase
(Sybase PATRIOTcompliance)
SAS (SAS Anti-Money
Laundering)
Mantas
(Mantas Anti-Money Laundering)
NetEconomy (ERASE Compliance
Manager)
Open
Text Corporation (Livelink for Customer Due Diligence)
Bankers Systems, Inc.
(PATRIOT ACT Compliance Suite)

Course list

Lesson
1: Sarbanes-Oxley
Lesson
2: HIPAA
Lesson
3: Gramm-Leach-Bliley
Lesson
4: FERPA
Lesson
5: USA Patriot Act
Lesson
6: European legislation
Lesson
7: What’s next?

Sign up for the Compliance Regulatory Overview series

If you haven’t subscribed to this series, automatically sign up today to receive the entire Compliance Regulatory Overview series in your inbox.

We want your feedback

Lesson 5 on the USA Patriot Act was:

Very helpful
Somewhat helpful
Not helpful

The company, which for several years has been on a buying spree for best-of-breed products, is integrating platforms to generate synergies for speed, insights and collaboration.

This policy describes guidelines your organization can follow to track, process and decommission IT equipment. From the policy: SUMMARY An organization’s IT hardware inventory constitutes a significant capital investment in order to perform company operations. Because hardware represents a critical asset and often holds organizational data, it is important for the company to track each ...

Compliance Regulatory Overview: USA Patriot Act