“Mitigate and Manage” vs. “Limit and Control” Risk

One of the changes in the recent FFIEC BSA Examination Manual updates was a move from having internal controls that “limit and control risk” to achieve compliance with BSA, to having internal controls that “mitigate and manage” risk associated with money laundering, terrorist financing (ML/TF) and other illicit financial activity.

This change stems from the July 22, 2019, Joint Statement on Risk-Focused Bank Secrecy Act/Anti-Money Laundering Supervision.  The Statement said, “to assure BSA/AML compliance programs are reasonably designed to meet the requirements of the BSA, banks structure their compliance programs to be risk-based and to identify and report potential money laundering, terrorist financing and other illicit financial activity…Banks determine the levels and types of risks that they will assume and are encouraged to manage customer relationships and mitigate risks based on customer relationships, rather than declining to provide banking services to entire categories of customers.”

Limiting risk may have led many financial institutions to de-risk, in other words, they decline to provide banking services to entire categories of customers.  For example, de-risking drove a lot of financial institutions to get out of high-risk activities, such as banking MSBs, marijuana-related businesses, etc.  The updates to the BSA Examination Manual make it clear that examiners don’t want you to run away from risk, they want you to put appropriate controls in place and…manage it!

If you want more on the updates to the BSA Examination Manual, be sure to check out our webinar, The New BSA/AML Examination Manual, which is available now OnDemand.


See BSA/AML Free Tools Here – https://store.bankerscompliance.com/link/BSAFreeTools

ACAMS: Financial Crimes Under the Microscope

We recently sat in on an Association of Certified Anti-Money Laundering Specialists (ACAMS) webinar that addressed many of the rising issues related to the COVID-19 pandemic.  They expect banks to see more online banking/mobile banking usage, as well as uncharacteristic transactions for certain customers.

These changes in customer behavior will ultimately result in increased transaction alerts within your BSA monitoring systems.  This might include spikes in online banking, mobile banking, person to person (P2P) transfers, wires, etc.  You’ll likely want to take a risk-based approach to handling such increases and that approach could also depend on your Business Contingency Plan (BCP).  For instance, where does your BCP allocate your compliance resources?  Perhaps your BCP calls for more resources, but in the event of the COVID-19 pandemic, you have actually had to reduce resources/personnel. Any necessary adjustments to your BCP should be documented and if you don’t have a BCP, develop one!

Some areas where you may or should see a change include:

  • Bars and restaurants are generally closed to the public.  Even though they may be operating on a take-out only basis, their overall activity should be decreasing.  Even as they start to reopen, activity should still generally be less.  If they continue to have “normal”, pre-COVID-19 activity, you need to determine why.
  • Measures to prevent the spread of the virus have disrupted not only legitimate businesses, but illicit ones also.  Those using bars, restaurants, salons, clubs and other business “fronts” for laundering ill-gotten funds must now find different covers.  For example, human traffickers can’t openly operate front businesses like massage parlors; money couriers/mules will now stand out because of the decrease in air and interstate travel, etc.  Businesses will be created, or compromised, in order to support activities and hide income derived from COVID-19 fraud schemes.  
  • Customers who have never used certain products or services (e.g., mobile banking, wire, P2P, etc.) will likely start doing so.  You will need to determine if it’s normal given the times or unusual.
  • Withdrawals of cash will likely increase due to fear or uncertainty in the economy.  People may feel safer keeping cash at home or on-hand.  It may be best to come up with a standard way of handling these requests IF other suspicious activity, such as structuring, is not involved.  That way, activity analysts can address the increased alerts efficiently.

You might consider developing an NAICS list or AML monitoring scenario of restricted businesses.  Continued activity could indicate illicit income from businesses that should be shut down during the pandemic.

This increase in alerts means more information to wade through.  This is also challenging because you may not be working with a full staff at this time.  Modifying your alert scenarios and thresholds temporarily might help reduce the volume but you should have controls and documentation in place prior to doing so, if it’s not addressed in your BCP.  Make sure you have a change control process in place.

Alert thresholds should not be changed on a whim and you’ll likely want some approval process (BSA Officer) in place to do so.  For example, IT should not be changing any sanctions alerts due to increased activity going through the financial system to support certain countries.  Pay close attention to changes in sanctions and sign up for sanction alerts and issuances.

Be careful too about turning certain alerts off entirely as things will likely get missed.  A better approach might be to do a delayed review, for example, every 90 days instead of every 30 days or an abbreviated review vs. a full review. 

Ultimately, you need to focus on your program as a whole.  Make sure it’s working, be realistic about what you can and can’t do, etc.  Communicate with your regulators, especially if you’re unsure of your ability to meet reporting timeframes, etc.  Your focus should be on your adaptability, resiliency and sustainability, not “pleasing” your examiners.


See BSA/AML Free Tools Here – https://store.bankerscompliance.com/link/BSAFreeTools

Elder Fraud Increasing

Elder fraud, elder abuse, elder financial exploitation – whatever you call it, it’s not only a horrible crime but it’s on the rise.  FinCEN recently released a report, “Financial Trend Analysis: Elders Face Increased Financial Threat from Domestic and Foreign Actors”, which, as the name suggests, indicates that elders face financial threats both at home and from abroad. 

This isn’t necessarily new information.  The CFPB also released a report in February 2019 outlining issues and trends related to Elder Financial Exploitation (EFE) Suspicious Activity Reports (SARs).  This should be a little bit of a warning shot to your BSA Compliance Team.  Specifically, that this is a growing area of risk, you need to train your employees and do your part to protect your customers.  FinCEN Director Blanco stated:

“These SARs are also important to filer banks and MSBs because they show trends and patterns in criminal activity.  Every financial institution wants to protect its customers, and SAR reporting helps them do that.  Awareness of these reporting trends and potential exploitation methods can also help consumers protect themselves.”

A few of the major scam areas include:

  • Romance: scammers establish a “relationship” with a victim and then request money for a variety of reasons.
  • Emergency: scammers claim to be a loved one of the victim who has an emergency situation and needs money right away.
  • Lottery: scammers tell victims they won a lottery or other prize and they need to first send a tax or fee before they can claim their winnings.

While scams are a large portion of the EFE SARs filed, theft by a family member or an unrelated caretaker are still the most financially devastating.  Amounts reported for theft are almost double the amounts reported for scams.

For more on the February 2019 FinCEN report, be sure to check out the Management Minute in the April 2019 edition of Banking on BCC.

Want a to get a free edition of our magazine? Email us at consultants@bankerscompliance.com.


OFAC Amendments

OFAC recently published an Interim Final Rule to amend its Reporting, Procedures and Penalties Regulation (31 CFR part 501).  This section deals with the reporting, recordkeeping, and licensing requirements for OFAC’s economic sanctions programs.


In the past, if a submitter did not provide sufficient information to identify blocked or unblocked property or to determine the authority under which the property was blocked or unblocked, OFAC had to request follow up information which might result in multiple requests. This Rule expands and clarifies the information that is required to be submitted to OFAC in reports on blocked property to reduce the need for follow up requests.  This should lessen the overall reporting burden for submitters.


The Interim Final Rule:


  • provides updated instructions and incorporates new requirements for parties filing reports on blocked property, unblocked property, or rejected transactions;
  • revises the licensing procedures section to include information regarding OFAC’s electronic license application procedures and to provide additional instructions regarding applications for the release of blocked funds; and,
  • clarifies the rules governing the availability of information under federal law…for information that is submitted to OFAC in connection with blocking or unblocking reports, reports on rejected transactions, or license applications.

This Interim Final Rule was effective June 21, 2019; however, written comments may be submitted until July 22, 2019.




Make sure you are signed up to receive the latest information! Register HERE!

Elder Abuse on the Rise

When it comes to hot issues in the BSA world, we find it’s sometimes hard to get bankers to fully buy-in.  They might receive training on topics like human trafficking, marijuana business, etc., but in the back of their mind they’re thinking, “I’m never going to run into that at my bank”.  Or, “That’s a big bank problem”.  While we would beg to differ, we can see how it’s easy to fall into that line of thinking.


One issue that is on the rise is Elder Financial Exploitation (EFE).  It’s pretty safe to say that EVERY bank has elderly customers so it’s definitely not something you want to overlook. Back in February, the CFPB released a report, Suspicious Activity Reports on Elder Financial Exploitation: Issues and Trends.  It included key facts, trends, and patterns revealed in EFE SARs filed by banks, credit unions, casinos, and other financial services providers.

Here are a few statistics:


  • SAR filings on elder financial exploitation have more than quadrupled (400%) from 2013 to 2017 while other SAR filings have only increased 40% during that same timeframe.


  • The analysis recognized four common activities: Romance scams (looking for love), exploitation by a family member, theft by caregiver and money mules (person-in-need scam).


  • On average, the reported suspicious activity took place over a four-month period. The suspicious activity lasted longer when the suspect was a family member, the targeted person had diminished capacity, the targeted person was 80 years and older and when a joint account was involved.


  • Sadly, in less than 1/3 of the EFE SARs, the activity was also reported to Adult Protective Services (APS), Law Enforcement, or other authorities.


We recommend you utilize these findings to develop training to increase awareness and strengthen efforts to protect older adults from financial exploitation.


For example, losses could be limited or prevented or by improving fraud detection technology to reflect transaction patterns most prevalent when older account holders become victims.  The use of alerts on checking and savings accounts or by offering services that help trusted relatives and friends detect elder financial exploitation could also be beneficial.


Elder financial exploitation is one of those crimes that really tugs at your heartstrings.  It’s hard to imagine that this type of crime could happen to your loved ones.


You are in a unique position to help combat this horrible crime so make sure you do your part!




Want more BSA Training? – https://store.bankerscompliance.com