Making BSA a Team
Effort
Regardless of the size or level of sophistication of your
bank, there must be a Bank Secrecy Act (“BSA”) and Anti Money Laundering
(“AML”) compliance program in place.
Oftentimes, for smaller banks, this can be a problem due to limited
resources. The costs associated with
training, software monitoring and ongoing review of customer activity can be
daunting. Of course the costs associated
with noncompliance can be even worse.
Enforcements actions, and orders to look back at two years’ worth of
transactions are typical in situations where examiners find an ineffective BSA
system. One of the best ways to
maintain a strong BSA/AML compliance program while keeping costs down is making
the program a team effort.
Four Pillars of a BSA/AML Program
For any BSA compliance program there are four elements that
must exist at a minimum:
·
Policies and procedures that establish internal
controls – procedures should be established that detail the minimum
requirements for obtaining information from a customer before opening an
account. In addition, policies and
procedures should detail the rules for which accounts will and will not be
allowed at the Bank.
·
Training- every staff member, member of
management and every Board member should receive training on an annual
basis. This is one of the few areas in
compliance where the training requirement is actually written into the
regulations.
·
A BSA Compliance Officer – the BSA Officer must
be appointed by the Board on an annual basis and should have all of the
necessary training and experience to perform the duties of this role at the
institution.
·
Independent testing- there should be an annual
audit of the overall effectiveness of the BSA program on an annual basis. The results of the audit should be reported
to the Board and areas of concern should be tracked and mitigated.
In addition to the above, every financial institution should
perform a risk assessment for both BSA and OFAC on an annual basis. The risk assessment should detail information
about products being offered, the customers that are being maintained,
information about the geography surrounding the branches of the institution and
the steps that have been taken to mitigate risk. Finally, although it is not an actual regulatory
requirement, no self-respecting institution attempts a BSA program these days
without some sort of aggregation and monitoring software.
KYC-The Heart of the Program
Notwithstanding the specifics
mentioned above, the true beating heart of any effective BSA/AML program is the
system of knowing your customers (“KYC”).
Complete information on who your customers are and what they do to make
money is the key to understanding whether or not activity is suspicious. This point was recently reinforced by the
FDIC when they released guidance on bank services in Financial Letter
5-2015. The point of the guidance was to
encourage banks to develop systems for assessing the risks associated with
individual customers. In this
guidance the FDIC notes that:
“Accordingly, the FDIC encourages
institutions to take a risk-based approach in assessing individual customer
relationships rather than declining to provide banking services to entire
categories of customers, without regard to the risks presented by an individual
customer or the financial institution’s ability to manage the risk” [1]
The best way to
develop an understanding of the level of risk posed by an individual customer
is to know the nature of the business and the clients of your customer. A good rule of thumb to remember is that if
staff at the Bank cannot fully understand and document the business, then the
risk to the bank is too high and the customer should not maintain an
account. Information about the
particular industry of your customer is also key for comparison purposes. A good source of information is the NAICS
system. In any event, making the point
to all bank staff that all information about a customer is
vital to a good first step to improving the effectiveness of your KYC.
Getting Bank Staff involved in KYC
One area that often gets overlooked in BSA and marketing
programs is what an excellent source of information operations staff can
be. With a little training and common
use of information, a great deal of advantage can be gained. Contact with a customer does not have to be
an interrogation. Good customer service
generally entails, cross-selling and giving good information about services
that your institution offers. By
encouraging staff to talk with customers about their plans and uses of money a
great deal of information can be obtained.
Often times, it is the operations staff that have ongoing contact with
customers. “Deputize” your operations
staff to be your eyes and ears. Make
sure that these folks keep a record of conversations that they have with
customers and the information that might be gleaned from general
conversations. Finding out that a
customer is thinking of opening a second branch of their business is great
information for BSA, but also a potential additional loans opportunity.
Lending Staff Your Secret Weapon
One of the best sources of information and KYC that is
unfortunately under-utilized are loan officers. When putting together credit memos for
potential loan deals, the loan officer follows a similar approach to the KYC
that a BSA Officer should do. The
sources and uses of funds, expected outcomes and future plans of the customer
are all bits of information that should be considered by the loan officer. In addition, for anyone who is asking the
Bank to lend their customer money, an onsite visit is a must. Voila!
All of the information that a BSA Officer would need to know about a
customer and make a determination about whether or not activity is suspicious
is available at the fingertips of the loan officer.
All Together Now
Oftentimes, the hardest part of building a team effort
around compliance is misunderstanding.
Compliance regulations often get cast as impediments to business and are
therefore often viewed as work to be avoided.
However, BSA/AML is actually a global and vibrant part of banking. It is an important part of the fight against
global terrorism drug dealing and human trafficking. There is ample evidence that the people at FINCEN
actually do read and act on Suspicious Activity Reports. In May, 2015 FINCEN published a news release
detailing some of the more significant cases that had been filed as a result of
SARs. Help staff understand that what
they are doing when they are working with the BSA program is actually helping a
much larger effort. This understanding will
increase the interest in the program and help staff fully engaged.
No comments:
Post a Comment