Entium Technology Partners, LLC, LLC
Suite 50, P.O. Box 904
1288 Valley Forge Road
Valley Forge, PA 19482

Main: 610.415.7200
Fax: 610.415.7222
Toll Free: 888.757.2045

Sales and Marketing

General Information

Career Opportunities

Directions

White Papers

US Patriot Act of 2001

Following lessons learned in the aftermath of the largest terrorist attack in U.S. history, our nation must anticipate new risks. We rely so much on technology that it may become our ultimate weakness in preparing for the unexpected. Congress passed the US Patriot Act of 2001 to deter and punish terrorist acts in the United States and around the world, and to enhance law enforcement investigatory tools. The Act primarily focuses on enhancing domestic security with regard to the financial sector. However, there is a clause that recognizes our nation's vulnerability, from a business continuity perspective, in maintaining our critical infrastructure elements.

The Critical Infrastructure Protection Act of 2001 addresses the information revolution and reliance on critical physical and information infrastructures, including telecommunications, energy, financial services, water, and transportation services. The policy of the United States, associated with this act, is to have a comprehensive and effective program in place to ensure the continuity of essential federal government functions, under any circumstances. This national effort requires extensive modeling and analytic capabilities for evaluating appropriate mechanisms to ensure the stability of these complex and interdependent systems, so as to achieve the continuous viability and adequate protection of the critical infrastructure of the nation. Private business and government will increasingly be involved in these efforts.

Enhancing domestic security against terrorism involves new rules and regulations that relate to the access of remote computing service records and to the required disclosure of customer communications or records. The Foreign Intelligence Surveillance Act of 1978 was amended to reflect access to certain business records for foreign intelligence and international terrorism investigations, and to document production requirements. The International Money Laundering Abatement and Anti-Terrorist Financing Act of 2001 affects banking and financial institutions. Certain financial transactions and information regarding accounts have new recordkeeping and reporting requirements. Banking institutions now have to establish due diligence policies, procedures, and controls to detect money-laundering activities, and must maintain banking activity records subject to inspection.

A new 120-Hour Rule requires financial institutions to provide account documentation and bank records related to anti-money laundering programs, to a Federal Banking Agency, no later than 120 hours after receiving a request. Concentration accounts are regulated in that written procedures governing the documentation of all transactions are required. Accountholders must be identified and verified, and adequate information must be maintained on foreign terrorist organization financial activities. Wire transfers are closely scrutinized and foreign governments are required to include the name of the wire transfer originators.

Policies, procedures, and compliance are increasingly becoming key in demonstrating an organization's commitment to change and integrate new business practices. For example, financial institutions must now establish anti-money laundering programs that include the designation of a compliance officer, an ongoing employee training program, and an independent audit function to test programs. The Bank Secrecy Act was amended to reflect the usefulness of records to investigations by any uninsured bank or institution. The requirement to report suspicious activities by underground banking systems, for anyone in the business of the transmission of funds, opens up the field to an organization's way to monitor their business activities.

The Financial Crimes Enforcement Network was established to advise and make recommendations on matters relating to financial intelligence and financial criminal activities. A highly secured network allows financial institutions to file required reports and provides alerts and other information regarding suspicious actitices that warrant immediate and enhanced scrutiny. Nonfinancial trades or businesses are also required to report coin and currency receipts of more than $10,000. Domestic currency counterfeiting activities carry more stringent penalties, such as fines and imprisonment of not more than 20 years.

The pressure is on the Immigration and Naturalization Service to provide access to criminal history records from their databases. A technology standard that can be used to verify the identity of foreigners shall be the basis for a cross-agency, cross-platform electronic system to share law enforcement and intelligence information. Finally, disclosure of educational records is required of an educational agency or institution for investigation purposes and states are now required to provide background record checks and reports for issuing hazardous material licenses.

Although these new rules largely affect financial organizations, others should pay attention to the new scrutiny of rules and regulations focused on records, recordkeeping practices, and the ability to continue operations in the event of a disaster. Life is not business as usual after 9-11. An organization that refuses to pay attention to these issues will later pay the price by being unable to survive a disaster and/or unable to comply with potential new rules imposed by our government for responsible business conduct. In this new world, an organization will be proactive in considering these issues and investigating their own vulnerability and business practices.

This article was written by Ellie M. Myler, CRM, CBCP. For more information, contact Entium Technology Partners at (888) 757-2045.

Entium Technology Partners develops and implements life-cycle information programs that ensure compliant business rules and standards for all company records regardless of media type. These information programs control the creation, processing, maintenance, distribution, storing, and disposing of all corporate documents and records by combining information policies, processes, and procedures with the appropriate technology tools. Our solutions will allow enterprise-wide access to corporate documents and records while meeting internal security and business continuity needs.