| |
By Douglas Hayden
General Attorney
New York State Insurance Fund
Howard Feldman
Principal Attorney
New York State Insurance Fund
Most people would agree that terrorism is
about secretly hostile operatives striking against freedom-loving countries
to reek havoc. But at its essence, terrorism is as much about moving money
and obtaining and placing strategic assets.
Without large amounts of untraceable money and local sources of equipment,
terrorism could not exist. In that sense, terrorism has an eerie similarity
to international drug dealing and other aspects of organized crime.
In the aftermath of 9/11, President Bush issued an executive order prohibiting
transactions with persons who commit, threaten to commit, or support terrorism.
New York State Insurance Fund is proud to have partnered with several
state funds, in conjunction with the U.S. Treasury’s Office of Foreign
Assets Control division (OFAC), to join the national effort to stem the
flow of money that feeds international terrorism, narcotics and organized
crime. In response to Bush’s initiative, OFAC issued rules governing
the insurance industry.
OFAC has termed it “critical” that the insurance industry gain
a better understanding of the economic sanctions and embargo programs:
“The programs are a front-line defense against foreign threats to
our national safety, economy and security.”
These state funds have embarked upon an ambitious project to cross-check
their databases with the U.S. Treasury Department’s list of known
terrorists and those who support them. They recognize that an insurance
company is a financial institution capable of being co-opted by international
terrorism and organized crime.
Background
As an aspect of war, federal economic sanctions actually go back to the
War of 1812. Modern sanctions policy began in World War I and have generally
been instituted under the authority of the Trading with the Enemy Act
of 1917 (TWEA).
OFAC itself was formally created in December 1950 following the entry
of China into the Korean War, when President Truman declared a national
emergency under TWEA and blocked all Chinese and North Korean assets subject
to U.S. jurisdiction.
What we now know as peacetime economic sanctions began with the International
Emergency Economic Powers Act of 1977 (IEEPA), the first U.S. law involving
peacetime sanctions.
Modern sanctions legislation weaves the provisions of TWEA, IEEPA and
several additional federal laws, some of which were originally targeted
to attack international narcotics trafficking, money laundering, organized
crime and as a tool of foreign policy to isolate rogue nations such as
Cuba and North Korea. These are all tied together by a series of executive
orders and presidential declarations of emergency under IEEPA.
Many in the insurance industry incorrectly interchange OFAC with the USA
Patriot Act. Because property-casualty insurance companies were temporarily
exempted from the Patriot Act, those who confuse the two acts believe
the insurance industry is exempt from OFAC requirements. As you see, OFAC
compliance is governed by a group of separate federal laws that in most
cases predate the Patriot Act. Under federal law, OFAC compliance is mandatory.
 Money
laundering
When the next terrorist act occurs, the resources utilized by the terrorists
will again be traced to their source.
Money laundering through the use of legitimate business is the lifeblood
of terrorism. It’s the process by which one conceals the existence,
illegal source or illegal application of income and disguises that income
to make it appear legitimate.
While banks were the traditional money laundering vehicle, enforcement
of banking rules have led money launderers to seek other financial institutions.
One substitute may be domestic insurance companies.
These are the steps commonly followed by money launderers:
Placement. Money is deposited in the financial system without drawing
notice.
Layering. Money is moved through multiple institutions and property ownership,
often internationally, to make it difficult to trace the origins of the
money.
Integration. The now-difficult-to-trace money is placed in the legitimate
financial system of the locale where the terrorist organization is operating.
The terrorist next door; NYSIF’s close call
You may be wondering how this relates to the casualty insurance industry
or to the workers’ compensation insurance industry in particular.
At NYSIF, it quickly hit home when a former long-term insured, Carnival
French Ice Cream Shop, suddenly appeared in the news.
 In
November 2003, acting on a tip, federal agents raided a tiny ice cream
shop in the Park Slope section of Brooklyn. Agents who reviewed seized
accounts were astonished to learn that Abad Elgeeh’s tiny Carnival
French Ice Cream Shop had deposited $20 million in just the past five
years. Upwards of $5 million had been deposited into the Carnival account
in a one-year period alone. Tax records indicated annual gross ice cream
sales of just $185,000.
Elgeeh, a Yemeni immigrant who lived upstairs from the shop, was accused
of making illegal money transfers to fellow Yemeni Sheik Hasa al-Moayad.
Al-Moayad is in custody in Germany, accused of funneling $20 million,
recruits and weapons to al Quaida. Elgeeh is facing a possible 10-year
prison sentence.
Osama bin Laden has boasted that hawalas, informal money transfer networks,
have created cracks in the Western financial system that “were as
familiar to him and his al Quaida colleagues as the lines of their own
hands.”
While NYSIF has no indication that Elgeeh misused his NYSIF policy, long-term
business relationships are one of the cornerstones of financial trust.
Fraud detection systems used by insurers may not be capable of detecting
a sophisticated assault by hostile foreign governments or internationally
based money launderers. These would be uncharted areas of fraud to most
insurers.
Domestic insurance companies can catch the average claimant committing
fraud. Whether one could deal with professional agents of a foreign government
who target casualty insurance companies is another matter. Could a scam
that involved a long-term insured colluding with a claimant and provider
be discovered?
Domestic casualty insurers are not used to viewing themselves as financial
institutions. They may not realize that a terrorist or money launderer
may be willing to accept a huge discount on money to legitimize it.
How OFAC works
Here’s how an OFAC compliance program works. A U.S. insurance company
is prohibited, under any circumstance, from paying a claim or entering
into a contract, including issuing a policy, with anyone on the OFAC list.
The OFAC list contains the names of some 50,000 Specially Designated Nationals
(SDN) and Blocked Persons, including numerous foreign agents and front
organizations for terrorists and narcotics traffickers.
The list is available at the OFAC website www.ustreas.gov/offices/eotffc/ofac.
Anybody who comes into possession of money or property belonging to an
OFAC-listed blocked person or SDN must freeze those assets. The holder
must notify the Treasury Department’s Compliance Program Division
and await instructions on their disposition. OFAC may need additional
time to research the entity and notify the insurance company of its final
determination.
The list may be based on legislation from Congress, orders from the president
or U.S. intelligence. OFAC is aware of the confusion that can be caused
by similar names on the list and will provide the assistance necessary
to help insurers avoid adjusting a claim or entering into a policy with
a blocked person or SDN.
OFAC is additionally aware of the unavoidable weakness under workers’
compensation—the inability of an insurer to be aware of the names
of all of its policyholders’ related entities or employees. OFAC
will not hold the employer responsible for information that it did not
know and is not in its possession, instead employing a “reason to
know” standard.
OFAC penalties
OFAC violators face both civil and criminal penalties. Civil penalties
are set between $11,000 and $1,000,000 per violation. Criminal violations
can bring up to 12 years in prison. Here are examples of violations settled
with OFAC:
Problems with OFAC
OFAC has its share of detractors who believe it is not rigorous enough.
The U.S. Senate Finance Committee recently sent OFAC a letter setting
forth its perceived deficiencies. Iowa Sen. Charles Grassley, the committee’s
Republican chairman, and Montana Sen. Max Baucus, its senior Democrat,
cited numerous concerns about OFAC’s performance, including evidence
of sloppy recordkeeping, failure to provide required information to Congress,
and reliance on voluntary compliance by banks to impose sanctions against
suspected terrorists.
“This leaves OFAC in a position of not knowing what it does not know,”
the two senators wrote.
Indeed, as we went to press, NYSIF still had not found Carnival French
Ice Cream Shop on the OFAC list.
Setting up a program
Setting up an OFAC program requires the preparation of a clear policy
linked to effective controls.
For a large integrated state fund, just identifying all of the payment
and contract centers—from claimant benefit payments to policy issuing
to vendor, contractor and provider payments—would be a gargantuan
task.
Although OFAC is an industry regulator, it does not mandate the adoption
of any particular type of due diligence program. The program that is developed
has to be tailored to your unique method of doing business. A domestic
insurer will come upon an SDN or blocked person less frequently than will
an international insurer. Although a domestic insurer is looking for a
needle in a haystack, it is an important needle.
Here are some practical pointers for setting up a program:
1. Appoint an OFAC compliance officer or, better yet, a multi-disciplinary
compliance committee. The major departments involved in policies, benefits
and procurement should be represented as well as the legal, finance and
internal audit departments.
2. Identify all payment centers, policy issuance and contract sources.
Here are some places a state fund might look:
Claims: Benefit payments, legal counsel, investigators and
providers.
Policyholders: Existing and new as policies are written.
Cancelled policies where refunds are possible.
Company vendors: Includes contracts and purchasing.
Financial: Banks, investment managers, insurance and real
estate brokers.
Internal: Employees, consultants, independent contractors
including third-party administrators, and vendors of employee reimbursable
expenses.
3. Begin searching manually. Since every searching system produces
matches, culling the true hits from false positives is the most difficult
part.
You can manually download the list from www.ustreas.gov/offices/enforcement/ofac/
or use web-based services such as www.bridgertracker.com. The Insurance
Service Office is another good source of software. Remember, the OFAC
list can be updated as often as every three days.
4. Look for an automated solution. Once you begin searching high
volume areas such as claims benefit payments, you will need an automated
solution.
You can download the OFAC list and write a solution in-house. Or you can
obtain one of many commercially available interdiction programs. Some
providers will run your data through their program periodically, notifying
you of all hits. These programs
typically utilize filters that compare information, such as a policyholder’s
name, with selected data fields such as a terrorist’s name, address
and home country. A defined scoring system will determine whether a given
transaction requires blocking or further inquiry.
5. Maintain records. Since you some day may need to demonstrate
your commitment to OFAC compliance, it is advisable to maintain a record
of your internal OFAC guidelines, internal controls and searches conducted,
including how “hits” were investigated. This will also help
when repeat hits are obtained in the case of continuing transactions with
the same source.
Similar names, false positives
Once you begin mechanized matching, you will come up with a steady stream
of hits. The list contains names from a large number of foreign countries,
including many similar names. These can render most name matching algorithms
useless.
There is no one solution, but here are some ideas on how to proceed:
Check the score of your software program rating, and try to figure out
why it is not 100 percent. If it is 100 percent, look for information
parameters beyond the scope of the search.
Check the country of origin of your claimant or policyholder against the
one on the OFAC list.
See how long your claimant or policyholder has been in the United States,
and how long at the same address.
If your claimant/policyholder is not in the United States, or if the money
is received from sources outside of or to be sent out of the United States,
that is certainly a red flag, as is a foreign address. But don’t
rule out domestic sources of terrorism.
If you do not have an exact hit but can’t rule it out, call the OFAC
hotline at (800) 540-6322.
You may wish to assign an investigative unit to run down your hits. Computer-related
investigative skills go a long way toward resolving those issues.
When you get a match
If you get a match involving a monetary transaction such as a claim, you
must first freeze the money. You must then report the transaction to OFAC
within 10 days.
Although there is no statutorily prescribed method for reporting the transaction,
OFAC provides a form on its website. Be sure to include the names of the
parties, dollar amount involved, and information about the employee who
is responsible for maintaining your blocked accounts.
You must then await instructions from OFAC. Assets must be frozen by placing
them in interest-bearing accounts, at commercially reasonable rates, and
holding them in instruments with maturities of less than 90 days. Blocked
accounts may not be released without special permission from OFAC. This
is an important reason for bringing Finance in on your compliance committee.
Prior to confiscating the assets, OFAC itself may elect to give the SDN
or blocked person notification and hence an opportunity to free the assets.
Finally, upon notification by OFAC, the assets are either freed or ordered
to be paid over to OFAC.
In the case of a policy or contract, the insurance company may not enter
into or maintain a policy with a blocked person or SDN. Does this require
cancellation of existing policies? According to one source, no, but such
policy would have to be frozen.
What does frozen mean? The unearned premium must be calculated as though
the policy had been canceled, and then deposited into the account established
for OFAC-blocked transactions. No claims may be paid out on the policy.
In the commercial arena, licenses for entering into transactions that
would otherwise be blocked can be sought through the U.S. Department of
Commerce—for example, selling a computer to a Cuban company. OFAC
insurance regulations do not as yet encompass such a process for insurance
companies.
Few domestic insurers are aware of OFAC requirements, much less have implemented
them. Yet a clear policy and implementation program are necessary to avoid
problems later. The commitment of resources should match the insurer’s
exposure to the possibility of an adverse revelation, and that insurer’s
willingness to shoulder the result of the public disclosure of an SDN
or blocked person transaction. Being known as the insurer that funded
the next terrorist bombing or international drug deal is not something
that any state fund would want to be associated with.
Authors Douglas Hayden and Howard Feldman can be reached at dhayd@nysif.com
and howf@nysif.com, or (212) 312-7001.
Hayden’s PowerPoint presentation to the 2003 AASCIF Law Committee
Conference and to the 2004 Society of Workers’ Comp Professionals
Inc. Conference on NYSIF’s nuts-and-bolts approach can be obtained
by request.
Download complete newsletter
in PDF
format
|
