Compliance Regulatory Overview: USA Patriot Act

Lesson 5 of 7

The USA Patriot Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001) extends law enforcement's surveillance and investigative powers. It also, for the first time, makes businesses responsible for seeking, detecting, and reporting computer trespasses. Banks in particular are expected to identify, discover, gather, amass, investigate, and report on financial activity to a far greater degree and depth than ever before was expected of them.

One provision of the USA Patriot Act requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions. Here's how businesses hope software can help them meet reporting requirements.

Weekly tips in your inbox

For weekly information on a variety of subjects related to IT compliance, including regulations outlined by Sarbanes-Oxley, HIPAA, and e-mail, sign up for TechRepublic's free Compliance Issues newsletter.

Automatically sign up today!

The National Association of Criminal Defense Lawyers (NACDL) summarized the provisions in the USA Patriot Act under these categories:

• Surveillance
• Money Laundering and Forfeiture
• Immigration
• Terrorists and Terrorism

For details, see the NACDL Summary of USA Patriot Act.

The USA Patriot Act has not been without critics. For instance, this report from National Public Radio looks at Alleged Abuses of the Law.

For a comprehensive list of USA Patriot Act resources, including free downloads, see page two.

USA Patriot Act resources

• EPIC USA Patriot Act page
  Get a host of information about the USA Patriot Act on the Electronic Privacy Information Center's Web site. From the latest news to an overview on the act, this resource page will help you gain a wealth of knowledge.
• House Passes USA Patriot Act Extension
  Because of the recent terrorist attacks in London, the House of Representatives voted on June 21, 2005 to extend parts of the USA Patriot Act that are due to expire at the end of 2005, which would make permanent 14 of the 16 expiring Patriot Act provisions. For more details, listen to this report from National Public Radio.
• The USA Patriot Act
  This article from the Defending America Web site describes the sections of the USA Patriot Act and what they mean to IT administrators.
• The USA Patriot Act: Alleged Abuses of the Law
  In this article from the National Public Radio's Web site, the American Civil Liberties Union (ACLU) criticizes the Patriot Act for its invasion of privacy.
• Businesses hope software can help them meet reporting requirements of the Patriot Act
  One provision of the USA Patriot Act requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions. Find out how software offerings may help enterprises stay in compliance.
• USA Patriot Act free compliance guide
  Sign up for this free guide from Innovative Systems that will help you comply with suspect screening, identify verification, and reporting requirements of the USA Patriot Act.
• NACDL Summary of USA Patriot Act
  Read this summary of the USA Patriot, as provided by the National Association of Criminal Defense Lawyers.
• Software exec IDs seven elements of federal privacy, security, and disclosure compliance
  Every CIO and CTO pondering how to get their company into compliance with the dizzying array of federal privacy, security, and disclosure legislation will tell you these federal laws are vague and ambiguously written. Here is a sample of what is out there, including the Patriot Act.
• Microsoft to add 'black box' to Windows
  Microsoft has announced its plans to add the equivalent of a flight data recorder to PCs. In the lively article discussion, TechRepublic member apotheon discusses the social, political, and philosophical aspects of the USA Patriot Act.
• National Venture Capital Association: Guidance for compliance with the USA Patriot Act
  The USA Patriot Act requires, according to officials at the U.S. Department of Treasury, venture capital funds, and consequently, venture capital firms that manage them, to comply with federal anti-money laundering (AML) laws. Learn more about complying with the USA Patriot Act on the National Venture Capital Association's Web site.
• Basic facts about money laundering
  This document from the Financial Action Task Force on money laundering explains what money laundering is, what effect it has, and the Forty Recommendations for action against money laundering.
• Interagency CIP Guidance Issued
  This article by Sue Burt, Senior Attorney - Bankers Systems Inc., addresses a few of the regulatory interpretations of an interagency guidance released by the federal regulatory agencies in complying with the Customer Identification Program requirements under Section 326 of the USA Patriot Act.

White papers

• Complying with confidence
  Whether it is Sarbanes-Oxley, Basel II, International Accounting Standards (IAS), HIPAA, or the USA Patriot Act, integrating information in support of compliance is not a one-off proposition. Compliance requires ongoing and constant enforcement. It's never a matter of simply checking a box and then moving to another project. Companies typically dedicate one or two people solely to compliance projects. Read this paper from the Sarbanes-Oxley Compliance Journal to learn how to effectively handle data integration and provide visibility.
• Managing e-mail security policy and regulatory compliance requirements
  The Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the threats highlighted by the CAN-SPAM and Internet Spyware Prevention Acts have driven major changes in the systems, processes, and security inside organizations. This paper by Proofpoint addresses both general and industry-specific business regulations and how they impact an organization's e-mail system.
• Helping Clients to Address Their Anti-Money Laundering (AML) Regulatory Compliance Issues in the Banking Industry
  The U.S. Congress ratified the USA PATRIOT Act, which provides more stringent AML regulations and imposes significantly harsher penalties for banks and financial institutions in the event of noncompliance. While regulatory requirements are the primary drivers for AML compliance, the potential loss of a bank's reputation acts as a compelling secondary concern. Read this paper from IBM, which provides key elements for an effective AML solution.

Vendors

• Sybase (Sybase PATRIOTcompliance)
• SAS (SAS Anti-Money Laundering)
• Mantas (Mantas Anti-Money Laundering)
• NetEconomy (ERASE Compliance Manager)
• Open Text Corporation (Livelink for Customer Due Diligence)
• Bankers Systems, Inc. (PATRIOT ACT Compliance Suite)

Course list

• Lesson 1: Sarbanes-Oxley
• Lesson 2: HIPAA
• Lesson 3: Gramm-Leach-Bliley
• Lesson 4: FERPA
• Lesson 5: USA Patriot Act
• Lesson 6: European legislation
• Lesson 7: What's next?

Sign up for the Compliance Regulatory Overview series

If you haven't subscribed to this series, automatically sign up today to receive the entire Compliance Regulatory Overview series in your inbox.

We want your feedback

Lesson 5 on the USA Patriot Act was:

 Very helpful
 Somewhat helpful
 Not helpful