Last month, I attend the ACAMS (Association of Certified Anti-Money Laundering Specialists) Annual AML & Financial Crime Conference in Las Vegas. The conference was full of useful information and I wanted to pass along some of the emerging examination trends and latest regulatory concerns.
The major areas being criticized in BSA exams include:
- 85% of exam deficiencies are in internal controls.
These deficiencies were attributed to inaccurate customer risk rating and inadequate ongoing monitoring. Generally, banks are not effectively identifying higher risk customers. In many cases, banks may identify customers as low risk, but when examiners bring certain facts to the bank’s attention, it’s clear they are actually higher risk. This is due in most part to weak customer due diligence (internal controls). Banks simply aren’t asking enough questions, the tough questions and/or they aren’t asking the right questions. If you don’t have an accurate risk rating, the odds are very great you also don’t have appropriate ongoing monitoring in place.
- The BSA officer is not qualified, BSA staffing is insufficient, or the BSA officer left and has not been replaced.
These deficiencies stem from the BSA officer not having the appropriate expertise AND also not having authority over BSA and all related regulations. You can’t just appoint anyone as the BSA officer. They must be fully knowledgeable to effectively oversee the BSA/AML program and need the muscle (authority) of the Board behind them.
- Needed improvement in compliance culture and/or a top-down approach including support from senior management and the Board.
The recent FinCEN Advisory on Promoting a Culture of Compliance, highlights the importance of a strong culture for BSA/AML compliance, stating BSA/AML shortcomings have triggered recent civil and criminal enforcement actions.
- A lack of adequate Board BSA training.
And last, but certainly not least, exams are noting a lack of adequate Board BSA training. Without appropriate training, the Board cannot provide a top-down culture of compliance, effective oversight of the BSA/AML program, approve policies or provide for sufficient BSA resources. The Board doesn’t need all the details bank operations personnel do, but they need to understand the importance of BSA/AML regulatory requirements, be informed of changes and new developments, the ramifications of non-compliance and the risks posed to the bank.
So, I challenge you to consider this information as it relates to your BSA/AML compliance program and make sure your bank doesn’t become one of these trends!