BSA is Good for
You- and Especially Good for your High Risk Customers!
We hope that title got your attention! It certainly got our attention when the
comptroller of the currency Tim Curry
said it recently! When Mr. Curry
was speaking before the Association of Certified Anti-Money Laundering
Specialists convention earlier this year[1],
he noted that when a financial institution has a strong BSA program, its ability to service high risk
clients increases.
One of the many points that Mr. Curry was making goes against trends that we often see in banks, when regulators increase the focus on a
given area, the tendency is to cease the product line or service being offered. One obvious example of this tendency was the
response from many banks to the Qualified Mortgage rules. These rules required the lenders who
originate higher priced mortgages to
fully document the borrower’s ability to repay the loan before the loan was
made. The rule carved out a “Safe Harbor”
for banks that did not make higher priced mortgages. This exception, the qualified mortgage (“QM”) exception, became
the path of least resistance to many banks.
As of today there are still many banks that have decided to limit the non
“QM” activity to zero. In point of fact, a quick review of the
requirements for documenting the ability to
repay, reveals that these requirements
are little more than best practices for
lending that have been established for many years.
Mr. Curry pointed out that in many cases, banks suffer from
similar over reaction in the BSA area.
Just because there is a great deal of attention paid to BSA, doesn’t
mean that banks should immediately stop servicing high risk clients.
Common Problems
with BSA
The biggest areas of concern for BSA be can be categorized into
four major areas, according to Curry:
·
The culture of Compliance at the Bank;
·
The resources (or lack thereof) that are
dedicated to BSA;
·
The strength of the information technology;
·
The quality of risk management
It is interesting to note that the very first item on this list
is the compliance culture of the bank.
Regulators have made it clear that in 2014 and beyond, the area of compliance
will directly impact the “M” in a banks
CAMEL ratings. The expectation is that
senior management including the Board of Directors will make compliance an issue
that is fundamental to the ongoing operation of the Bank.
The implications for the AML/BSA compliance program are
clear; regulators expect that banks will spend the necessary resources to fully
staff and administrate BSA/AML compliance.
Further, accountability for compliance rests at the highest levels of
management at the bank.
While all of this may seem ominous , it can actually result
in a positive outcome. The flip side of the
coin is that when resources are properly allocated and the CMP is strong, there
is absolutely no reason to turn large amounts of high risk business away. This is not to say that a bank can use the
excuse of a strong BSA program to add any and all high risk clients. It does however, mean that with the proper screening
and monitoring, banks can offer their
natural clients a full range of services.
So how does one get the Bsa Department in shape? We have a few suggestions.
Suggestions for
Strengthening the BSA Program
This is oftentimes a document that is often either
overlooked or completed as a “fill in
the blanks” document that captures
general information about BSA risks. It is also extremely rare that at the end of
reviewing the BSA assessment significant
change is generated. We recommend the
risk assessment process should be dynamic.
Not only should all departments heads have input, but the conclusion from
the document should be incorporated into the decisions for resource allocation
to the BSA department. In this manner,
the risk assessment is tied directly to the resource allocation, the compliance
culture and strength of monitoring
technology. Discussions about the plan
should be comprehensive and evidence that senior management and the Board have
fully considered the risk associated with BSA and made decisions based on that
risk. The level and quality of training
should also be tied directly to the risk assessment review process.
Combine CIP/EDD with
Business Development.
In many banks, the business development department works at
cross purposes with the BSA department.
While account officers do their best to obtain new clients by signing
them up to as many new products as possible, the requirements of CIP can feel
like they are in the way of the relationship.
Oftentimes, pertinent information about the client is not passed on to
the compliance staff. Many times, only
the basic CIP data is obtained and the BSA staff is left to try to develop a risk
profile using limited information. However,
it is often the case that it is the account officer that knows these customers
best and can/should be able to fully describe what it is that they do. We
recommend that banks attempt to get the Bsa and business development units to
work together to produce EDD that is based upon knowledge of the customer,
knowledge of the industry and knowledge of the requirements of BSA.
Develop Training
that Meets the Specific Needs of Your Bank
Online training for staff is widely accepted and fine for a
start. However, we recommend that you
augment this training with information that is specific to your client
base. For example, a bank that serves
an area that has a great number of high tech firms can greatly enhance its BSA
program by training staff the operations of these firms. Is it likely that a high tech firm would have
a large number of cash deposits?
Probably not! On the other hand,
such a firm would be likely to send wires to foreign countries. If staff at the bank have been well informed,
they can recognize a suspicious transaction even before software might have a
chance to do so. In addition a well-trained
and well-informed staff can perform much more effective and complete risk management.
Technology must be
powerful AND Match the Abilities and Skills of the BSA staff
We have had the experience more than once of meeting with a
client who had purchased powerful BSA/AML
software, only to become frustrated and resort back to manual monitoring. Oftentimes, the thinking of senior management
was that the examiners have told the bank that they need software and the response
has been to buy software, get the basic training that come with the software
license and wait for miracles to happen.
Unfortunately the trainers from the software companies are focused on the
operation of the software and not the meaning of the reports that are
generated. It is critically important
that when considering upgrades that the upgrade are comprehensive. Make sure that the BSA staff knows how to use
the software in a manner that is most effective.
At the end of the day, regulators are not advising banks to
run away from high risk clients, but
instead to be ready, willing and
able to handle the risk. So a strong BSA
program is good for one and all!
[1] Remarks by Thomas J. Curry Comptroller of the Currency Before the Association of Certified Anti-Money Laundering
Specialists Hollywood, Florida March 17, 2014
No comments:
Post a Comment