This is part five of a seven-part series on IT compliance. In this lesson, we will explore the USA Patriot Act: who it affects, what not complying could mean to your organization, and best practices for complying.
Lesson 5 of 7
The USA Patriot Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001) extends law enforcement's surveillance and investigative powers. It also, for the first time, makes businesses responsible for seeking, detecting, and reporting computer trespasses. Banks in particular are expected to identify, discover, gather, amass, investigate, and report on financial activity to a far greater degree and depth than ever before was expected of them.
One provision of the USA Patriot Act requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions. Here's how businesses hope software can help them meet reporting requirements.
The National Association of Criminal Defense Lawyers (NACDL) summarized the provisions in the USA Patriot Act under these categories:
- Surveillance
- Money Laundering and Forfeiture
- Immigration
- Terrorists and Terrorism
For details, see the NACDL Summary of USA Patriot Act.
The USA Patriot Act has not been without critics. For instance, this report from National Public Radio looks at Alleged Abuses of the Law.
For a comprehensive list of USA Patriot Act resources, including free downloads, see page two.
USA Patriot Act resources
- EPIC
USA Patriot Act page
Get a host of information about the USA Patriot Act on the Electronic Privacy Information Center's Web site. From the latest news to an overview on the act, this resource page will help you gain a wealth of knowledge. - House
Passes USA Patriot Act Extension
Because of the recent terrorist attacks in London, the House of Representatives voted on June 21, 2005 to extend parts of the USA Patriot Act that are due to expire at the end of 2005, which would make permanent 14 of the 16 expiring Patriot Act provisions. For more details, listen to this report from National Public Radio. - The USA Patriot
Act
This article from the Defending America Web site describes the sections of the USA Patriot Act and what they mean to IT administrators. - The USA
Patriot Act: Alleged Abuses of the Law
In this article from the National Public Radio's Web site, the American Civil Liberties Union (ACLU) criticizes the Patriot Act for its invasion of privacy. - Businesses
hope software can help them meet reporting requirements of the Patriot Act
One provision of the USA Patriot Act requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions. Find out how software offerings may help enterprises stay in compliance. - USA
Patriot Act free compliance guide
Sign up for this free guide from Innovative Systems that will help you comply with suspect screening, identify verification, and reporting requirements of the USA Patriot Act. - NACDL Summary of USA Patriot Act
Read this summary of the USA Patriot, as provided by the National Association of Criminal Defense Lawyers. - Software
exec IDs seven elements of federal privacy, security, and disclosure
compliance
Every CIO and CTO pondering how to get their company into compliance with the dizzying array of federal privacy, security, and disclosure legislation will tell you these federal laws are vague and ambiguously written. Here is a sample of what is out there, including the Patriot Act. - Microsoft
to add 'black box' to Windows
Microsoft has announced its plans to add the equivalent of a flight data recorder to PCs. In the lively article discussion, TechRepublic member apotheon discusses the social, political, and philosophical aspects of the USA Patriot Act. - National Venture Capital
Association: Guidance for compliance with the USA Patriot Act
The USA Patriot Act requires, according to officials at the U.S. Department of Treasury, venture capital funds, and consequently, venture capital firms that manage them, to comply with federal anti-money laundering (AML) laws. Learn more about complying with the USA Patriot Act on the National Venture Capital Association's Web site. - Basic facts about money laundering
This document from the Financial Action Task Force on money laundering explains what money laundering is, what effect it has, and the Forty Recommendations for action against money laundering. - Interagency
CIP Guidance Issued
This article by Sue Burt, Senior Attorney - Bankers Systems Inc., addresses a few of the regulatory interpretations of an interagency guidance released by the federal regulatory agencies in complying with the Customer Identification Program requirements under Section 326 of the USA Patriot Act.
White papers
- Complying
with confidence
Whether it is Sarbanes-Oxley, Basel II, International Accounting Standards (IAS), HIPAA, or the USA Patriot Act, integrating information in support of compliance is not a one-off proposition. Compliance requires ongoing and constant enforcement. It's never a matter of simply checking a box and then moving to another project. Companies typically dedicate one or two people solely to compliance projects. Read this paper from the Sarbanes-Oxley Compliance Journal to learn how to effectively handle data integration and provide visibility. - Managing
e-mail security policy and regulatory compliance requirements
The Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA) and the threats highlighted by the CAN-SPAM and Internet Spyware Prevention Acts have driven major changes in the systems, processes, and security inside organizations. This paper by Proofpoint addresses both general and industry-specific business regulations and how they impact an organization's e-mail system. - Helping
Clients to Address Their Anti-Money Laundering (AML) Regulatory Compliance
Issues in the Banking Industry
The U.S. Congress ratified the USA PATRIOT Act, which provides more stringent AML regulations and imposes significantly harsher penalties for banks and financial institutions in the event of noncompliance. While regulatory requirements are the primary drivers for AML compliance, the potential loss of a bank's reputation acts as a compelling secondary concern. Read this paper from IBM, which provides key elements for an effective AML solution.
Vendors
- Sybase (Sybase PATRIOTcompliance)
- SAS (SAS Anti-Money Laundering)
- Mantas (Mantas Anti-Money Laundering)
- NetEconomy (ERASE Compliance Manager)
- Open Text Corporation (Livelink for Customer Due Diligence)
- Bankers Systems, Inc. (PATRIOT ACT Compliance Suite)
Course list
- Lesson 1: Sarbanes-Oxley
- Lesson 2: HIPAA
- Lesson 3: Gramm-Leach-Bliley
- Lesson 4: FERPA
- Lesson 5: USA Patriot Act
- Lesson 6: European legislation
- Lesson 7: What's next?
Sign up for the Compliance Regulatory Overview series
If you haven't subscribed to this series, automatically sign up today to receive the entire Compliance Regulatory Overview series in your inbox.
We want your feedback
Lesson 5 on the USA Patriot Act was:
Very helpful Somewhat helpful Not helpful
