Federal Computer Week: www.fcw.

com Page 1 of 3

VOUM w¥f nmmi IT RitouMt

Advertisement

FBI to build data warehouse

Investigative data mining part of broad
initiative to fight terrorism
BY William Matthews Printing? Use this
June 3, 2002 version.
Email this to a friend.

The FBI has selected "investigative data RELATED LINKS

warehousing" as a key technology to use in the
war against terrorism. Sidebar: "Carnivore
bites off too much"
The technique uses data mining and analytical
software to comb vast amounts of digital "Guidelines open data.
information to discover patterns and Web to
relationships that indicate criminal activity. The FBI" [FCW.com, June
same technology is widely used in the 3, 2002]
commercial sector to track consumer activity
and even predict consumer behavior. "FBI counting on IT vs.
terrorism" [Federal
The FBI plans to build a data warehouse that Computer Week, May
receives information from multiple FBI 20, 2002]
databases, according to Mark Tanner, the
agency's information resources manager. "Data-sharing projects
Eventually, the warehouse might receive data gain
from other law enforcement and intelligence momentum" [Federal
agencies. Computer Week, March
4, 2002]
Symantec.
Data mining and data warehousing are part of a
much larger FBI plan to acquire and employ
modern information technology to thwart future terrorist attacks.

"New technologies are required to support new and different operational

practices," FBI Director Robert Mueller said May 29, detailing a sweeping
overhaul planned for the federal law enforcement bureau.

By the end of the summer, the FBI hopes to hire 900 new agents, including
computer scientists and other IT specialists. The bureau overhaul also
includes:

http ://www .few .com/print, asp 6/20/03

Print Article Page 1 of 5

COMPLIANCEHEADQUARTERS

FinCEN and the Section 314(a)

Information Sharing Process
Sue Burt, Senior Attorney - Bankers Systems Inc.
December 2002

Overview

Recently, the federal regulators shed new light on the section 314(a)
information sharing process and the FBI Control List. In a Joint Agency
Notice dated November 26, 2002, the regulators announced the
discontinuation of the Control List and unveiled a new process for
handling information requests from the government. This new process
has been established by FinCEN pursuant to Section 314(a) of the USA
PATRIOT Act and will replace the Control List.

This article will discuss the new section 314(a) information sharing
process and will explain what your financial institution must do to comply.

History 101
In order to better understand where we are headed with respect to
government list searches and information sharing, it is helpful to
appreciate where we have been.

October 2001: In response to the September 11, 2001, attacks, the FBI
created a confidential document called the Control List. The List was
compiled by various federal law enforcement agencies conducting
investigations into terrorist activities and consisted of names and
identifying data of individuals and entities that these agencies believed
may be related to their investigation. In October of 2001, the FBI provided
the Control List to all financial institution regulators. The regulators, in
turn, forwarded the List to financial institutions under their supervision
once the financial institution had "registered" with its respective regulator.
Financial institutions were given until October 12, 2001, to provide their
regulator with the name of a senior level person as the contact for the
Control List, that person's title, telephone number, and e-mail address.
Upon receipt of this registration information, the regulators e-mailed a
copy of the Control List to the institution.

October 26,2001: The USA PATRIOT Act is signed into law and is
intended to thwart terrorist activity in the United States. Title III of the Act
amends a number of sections under the Bank Secrecy Act and sets out
new compliance requirements for financial institutions.

July 23,2002: The Department of the Treasury and the federal financial
regulators release proposed customer identification program rules. The
proposed rules implement section 326 of the USA PATRIOT Act and are
intended to protect the U.S. financial system from money laundering and
terrorist financing. These regulations spell out the requirements for
establishing a customer identification program. One element of a CIP is to
compare names with government lists prior to account opening and report
any matches.

http://www.complianceheadquarters.com/cgi-bin/printview/printview.pl 6/20/03
Eant Article Page 1 of 5

COMPLIANCEH EADQUARTERS

Section 326 Customer Identification Programs: The Final Word

Ted Dreyer - Attorney, Bankers Systems, Inc.
April 2003
Sign Up Now to Learn
About the Final USA
PATRIOT Act Section
326 Regulations!
Reserve Your Seat
Today....More

After months of speculation and anticipation, the U. S. Treasury Department issued final regulations implementing
the Customer Identification Program (CIP) requirements of the USA PATRIOT Act on April 30, 2003. Financial
institutions across the nation must comply with this new regulation by October 1, 2003. This article will discuss the
final CIP regulations and address the specific requirements for your institution.

Overview

The USA PATRIOT Act was enacted in October 2001 and contains a number of provisions requiring the financial
services industry to take steps to assist in the war against terrorism. Title III of the Act directly impacts financial
institutions and amends several sections of the Bank Secrecy Act. Section 326 of Title III requires financial
institutions to create and implement what is referred to as a customer identification program or CIP. The goal of
such a program is to establish a process whereby institutions verify the identity of each customer or member at
the time an account is opened.

Following the outline of the proposed regulations, the final CIP regs establish who the law applies to and set out
the key components of a CIP. These components include, identification, verification, government list comparisons,
adequate notice and record retention.

Coverage
The proposed regulations covered situations where a customer is seeking to open an account. A "customer"
included any person or business entity opening the account and any "signatory" on the account. "Account"
included any ongoing banking relationship, including lending transactions, deposit accounts or asset accounts.
One problem was that there was no definition for the term "signatory" and there was uncertainty as to whether
parties such as guarantors or holders of powers of attorney were covered. ^

A second troublesome issue related to the definition of "customer." Under the proposed rule, a customer is
anyone seeking to open an account and commenters speculated that it would apply to persons who were denied
accounts for whatever reason, and require maintaining identification records on persons who ultimately did not
hold accounts. A number of questions surfaced regarding how it would apply in the event that a beneficiary of
account (e.g. a trust or an IRA) became an account owner on the death of the originally named account holder.
For this reason, many letters suggested limiting the definition to those who actually opened accounts.

http://www.complianceheadquarters.com/cgi-bin/printview/printview.pl 6/20/03