Insurance & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:42 AM
Connect Directly

P&C Exempted from PATRIOT Act

But health and P&C carriers must comply with OFAC's SDN list, even though they are exempt from anti-money laundering and know-the-customer rules of USA PATRIOT Act.

Although property and casualty and health insurers, along with all agents and brokers, may be relieved that the recent US Treasury USA PATRIOT Act proposed rules exclude them from compliance, the entities will still have to comply with the Office of Foreign Assets Control's(OFAC, part of the Treasury Department) Specially Designated Nationals and foreign business transaction bans.

Unfortunately, points out Joe Jensen, executive vice president, solutions activation, in CSC Corp.'s (Austin, TX) property and casualty group, many companies are thinking that the USA PATRIOT Act and OFAC are one and the same. "The OFAC list has been around for a long time," according to Jensen. "But since 9/11, it has been getting a lot more attention" and people always seems to mention OFAC along with the PATRIOT Act. "The PATRIOT Act just takes the OFAC list a step further," by requiring that companies "know their customer" and also protect against money laundering.

Some Rules Still Need Clarification

Brian Casey, partner in the corporate regulatory insurance group at the Atlanta-based law firm Lord Bissell Brook, says, "While this may be viewed as a victory for property and casualty and health carriers, there may be other areas where they will have to get up to speed." Also, adds Casey, reinsurance companies still must comply with the USA PATRIOT Act, which raises some technical concerns when it comes to "knowing the customer," since reinsurance companies traditionally reinsure blocks of policies from an insurance company. "Supposedly the company that issues the policy already did the background check," according to Casey. "How far into the reinsurance process does this extend?"

In fact, getting up to speed with OFAC list compliance isn't a one-time project, argues Lauri Ingram, senior program director in the insurance group at Stamford, CT-based META Group. "Insurers are going to have to implement new technology and procedures to check that their policyholder names and beneficiaries do not appear on the OFAC list," Ingram says. "And any time there is activity on a policy, that check has to be done. There is definitely a lot more responsibility for the insurance carriers."

Surprisingly, some carriers, according to Ingram, are currently checking policyholder and beneficiary names manually because they lack the technology to automate the process. Ingram suggests that carriers check names in batches with services from MIB (Westwood, MA), which recently extended its services to include the OFAC lists, and to use credit-checking services such as Equifax (Atlanta) or TransUnion (Chester, PA), which have also announced services for OFAC and USA PATRIOT compliance.

And while a manual process may suffice at this moment in time, "when the list may be something like 5,000-names deep, that list could grow exponentially by the end of the year to 50,000 or 100,000 names," speculates CSC's Jensen.

Sharing Information

"Any US company or its foreign subsidiaries are not allowed to do business with anyone on the OFAC list, and that goes for all insurance companies, too," Jensen says. A carrier "cannot even insure a person, much less pay a claim, to people on the list." Companies found to be doing business with a person on the OFAC list could face fines of up to $1 million per incident and, perhaps even more damaging, "face a PR nightmare when the public finds out that their insurance company was doing business with terrorists," he adds. Companies that find a client on the OFAC list are to report the information to the Treasury Department immediately.

Moreover, says one insurance technology vendor executive who asked not to be named, US companies should learn a lesson from the information-sharing failures of the US government. "Many of the federal entities were not sharing information and that is what got us into this mess in the first place," the executive says. "The focus should not be on how to delay compliance or how to get an exemption" from the USA PATRIOT Act or the OFAC regulations. "The focus should be on compliance and sharing information. Frankly, I find it totally embarrassing to see companies, and even entire industries, lobby and try to find a way to duck this."

Greg MacSweeney is editorial director of InformationWeek Financial Services, whose brands include Wall Street & Technology, Bank Systems & Technology, Advanced Trading, and Insurance & Technology. View Full Bio

Register for Insurance & Technology Newsletters