Key BSA/AML takeaways from the 2015 FIBA conference

Similar documents
RSM ANTI-MONEY LAUNDERING SURVEY BEST PRACTICES AND BENCHMARKING FOR YOUR BSA/AML PROGRAM

PURCHASE ORDER SPEND CONTROL MICROSOFT DYNAMICS AX 2012 R3/ AND DYNAMICS 365

Anti-Money Laundering and Sanctions Compliance. You Can t Afford the Risks

Data analytics is a powerful tool to prevent fraud and manage risk

Banking Money Services Business. Xenia Vieth, Esq. Banco Popular North America

SAMPLING AND ERROR EVALUATION RSM US LLP. All Rights Reserved.

Auditing for Effective Training

BEIJING BRUSSELS CHICAGO DALLAS GENEVA HONG KONG LONDON LOS ANGELES NEW YORK SAN FRANCISCO SHANGHAI SINGAPORE TOKYO WASHINGTON, D.C.

The need for optimization: Getting the most from Microsoft Dynamics GP

MICROSOFT DYNAMICS 365 FOR TALENT. Rachel Profitt, MVP, MCT Director, RSM Technology Academy November 30, 2017

CHART OF ACCOUNTS SETUP

RSM TECHNOLOGY ACADEMY elearning Syllabus and Agenda RETAIL POS SETUP FOR MICROSOFT DYNAMICS AX

BSA/AML Self-Assessment Tool. Overview and Instructions

PROCURE-TO-PAY INVENTORY MANAGEMENT

LOYALTY MANAGEMENT FOR RETAIL

Internal Audit Report - Contract Compliance Cycle Audit Department of Technology Services: SHI International Corporation Contract Number

7 Tips to Successful Check Cashing

RSM TECHNOLOGY ACADEMY elearning Syllabus and Agenda WAREHOUSE LAYOUT FOR MICROSOFT DYNAMICS 365 FOR FINANCE AND OPERATIONS

The FFIEC BSA/AML Examination Manual 2010 Revisions

Non-Banking Financial Institution (NBFI) Third Party Payment Processor (TPPP) AMLQuestionnaire

Risk Management TRAINING AND EVENTS. aba.com/risktraining

NETSUITE USER GROUP WEBCAST

FMS New York/ New Jersey Chapter Meeting January 14, The Impact of Models. by: Scott Baranowski

RETAIL POS AND STORE OPERATIONS

Electronic Banking Remote Deposit Capture Third Party Payment Processors Automated Monitoring Systems Staffing & Resources

ERP IMPLEMENTATION RISK

Customer Due Diligence Risk-Based Approach. Dan Soto CCO Ally Financial

IIB - INTERNATIONAL BANKING ANTI-MONEY LAUNDERING SEMINAR

A Strategic Approach to Bank Fraud

ORDER-TO-CASH INVENTORY MANAGEMENT

Preventing Board and Management Liability for Violations of AML Rules

RDC Risk Management and Compliance: Expert Update & Case Study

My Visa Long is Getting Long in the Tooth

The New Rule on Customer Due Diligence Key Takeaways from Banker s Toolbox

Bank Secrecy Act Training: Who, What, When, How and Why? Presented by Lynn English Lafayette Federal Credit Union

LEVERAGING ERM BEYOND COMPLIANCE. July 25, 2017

JOB TITLE: VP, BSA Officer REPORTS TO: SVP, Deposit Operations and Regulatory Compliance/CRA Officer DEPARTMENT: Compliance

Payment Processor Buying Guide. How to prepare for sending out an RFP

RSM US CODE OF CONDUCT GROUNDED IN OUR VALUES - RESPECT, INTEGRITY, TEAMWORK, EXCELLENCE AND STEWARDSHIP

Customer Due Diligence (CDD) Market Survey. Survey Results. Copyright 2016 NICE Actimize. All rights reserved.

RSM FOOD AND BEVERAGE INDUSTRY SURVEY

RDC Risk Management in 2013

Corporate Functions & Business Operations

PRODUCT INFORMATION MANAGEMENT

DFS NY A strategic approach to dealing with the final rule. August 2017

RDC Audit & Compliance: Lessons from the Battlefield

FINANCIAL MANAGEMENT FOR ACCOUNTS PAYABLE

Bank Secrecy Act Hot Topics May 15, Heather Johnson, CRCM Regulatory Compliance Senior

STRATEGIES FOR EFFECTIVELY WORKING WITH THIRD-PARTIES. September 2017

Australian Remittance and Currency Providers Association Ltd. ACN: ABN: PO Box 1757 Lane Cove NSW 2066

IMAS Guidance to Assessing Money Laundering and Financing of Terrorism (ML/FT) Risk

Senior management training, accountability and oversight for anti-money laundering compliance

Arlington County, Virginia

REPORTING AND BUSINESS INTELLIGENCE

Testing and Reviews. Importance of BSA / AML Training Testing staff on their comprehension of the training

Modernizing Anti-Money Laundering Practices

2. Review Criteria against Enhanced Independent Review

WELCOME. 1

Astrus Third Party Intelligence

Ramifications of the New COSO Framework & Recent PCAOB Actions

WAREHOUSE AND TRANSPORTATION MANAGEMENT ESSENTIALS

Practical Ideas for an Effective BSA/AML Compliance Function: Risk Assessment and Program Development

AML for MSBs & FinTech: The Compliance Conundrum. Insight Article. Copyright 2016 NICE Actimize. All rights reserved.

The Benefits of First- and Second-Line Monitoring

Virtual Currency and Electronic Money Movers: AML Red Flags. John A. Beccia, Circle Internet Financial

EHR AND ERP INTEGRATION. January 25, 2018

SANTANDER TREASURY LINK Built for the way you do business

IBM AML compliance solution

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

LESSONS LEARNED FROM BSA ENFORCEMENT ACTIONS

Fraud in focus March Fraud & Corruption in the Victorian Public Sector learnings and insight for 2017 and beyond

Customer Due Diligence A Risk Based Approach. Dr Tony Wicks Director of AML Solutions NICE Actimize

RC & TACKLING TRADE BASED MONEY LAUNDERING (TBML) risk compliance RISK & COMPLIANCE MAGAZINE. risk & compliance REPRINTED FROM: APR-JUN 2018 ISSUE

External Quality Assessment Review of University of Florida s Office of Internal Audit

RDC Risk Management in 2015

Conducted 2nd quarter 2015

Thomson Reuters SCREENING RESOLUTION SERVICE

Implementing effective third-party frameworks in the life sciences industry leading practices and challenges

FDICIA Reporting for Financial Institutions. Reporting Changes Under Part 363 and SAS 130

HOW DATA SCIENCE CAN REDUCE AML FIFTH PILLAR RISK

Tackling serious failings in firms A response to the Special Measures proposal of the Parliamentary Commission on Banking Standards

ANTI-MONEY LAUNDERING & SANCTIONS EXPERTS WITH IMPACT

FINANCIAL SERVICES FLASH REPORT

Crowe Consumer Compliance Consulting Services

BSA Hot Topics. Presented to: New York Bankers Association. May 2015

ADMINISTRATION & SECURITY BOOTCAMP

Data-Driven Strategies for B2B Payments and Working Capital Management

Getting ready for any examination brings about the initial

Executive Summary Provides the background, scope and objectives, and overall summary and highlights of the engagement

Mobile banking and payments: What are the US rules?

Citi Academy for Financial Institution Professionals 4 5 April 2017

Crowe Activity Review System

On Alert: Designing Effective AML Monitoring Processes

THIRD-PARTY RISK MANAGEMENT

READY OR NOT? NAVIGATING THE DFS 504 RULE. AUTHORS Adrian Murphy Austin Hong Aron Cohen CONTRIBUTORS Allen Meyer Alan Morley

An Overview of the 2013 COSO Framework. August 2013

Minimizing fraud exposure with effective ERP segregation of duties controls

Risk-Based Audit Approach to MSB Programs for Sellers of Prepaid Cards. Elisa Evans, CAMS

The importance of a solid data foundation

AML model risk management and validation

Transcription:

Key BSA/AML takeaways from the 2015 FIBA conference April 2015 This year s Florida International Bankers Association (FIBA) conference included a number of sessions that addressed Bank Secrecy Act and anti-money laundering (BSA/AML) concerns. 3 hot BSA/AML topics for bankers and regulators in 2015 FIBA conference sessions identified a number of AML issues of pressing concern among both financial institutions and regulators. Key topics included: Hot topic 1: De-risking Some banks are terminating or restricting business relationships with clients or categories of clients to avoid risk instead of managing it. The terminated businesses often then are unable to find new banks, which is pushing entire business sectors out of banking. Regulators emphasized that the key is not for banks to avoid these sectors wholesale, but rather to perform appropriate due diligence and make informed, risk-based decisions. Managing risk in certain sectors or for certain clients can mean increasing controls, which usually means increased costs. Financial institutions need to conduct careful cost/benefit analyses as they consider new clients and business sectors. Bankers stressed that the decision to close accounts has to remain theirs alone and that they face potential regulatory criticism for having customers in higher-risk industries and additional criticism if they now exit those relationships. Contrast that with the results of Operation Choke Point. The Department of Justice launched Operation Choke Point in 2013, targeting fraud and money laundering, particularly among payment processors, payday lenders and other perceived high-risk industries. As part of this initiative, the FDIC issued guidance about high-risk merchants who gave the impression to many banks that they should not do business with certain targeted industry companies. In some cases, FDIC examiners were requiring banks to close relationships, overriding the banks risk-based approach to doing business with those customers. New guidance was put out restricting FDIC examiners ability to mandate that banks close certain

customer accounts, and the FDIC is currently encouraging banks to take a risk-based approach. Comments from industry panelists and audience members indicated skepticism remains as to whether this guidance will be consistently applied across the various regulatory agencies. During a hot topics panel for regulators, they concurred that decisions should be risk based and made by the banks. Regulators offered the following thoughts on de-risking: Institutions do not have to run from sectors; they just need to understand the risks and their capacity to manage them by performing adequate due diligence. Banks should determine whether their current systems and controls are sufficient to manage the risks or whether they need enhancement. This analysis should drive the decision on whether the risks can be managed in a cost effective manner. As banks take these customers on, they must adjust monitoring thresholds to capture the types of activity that will come from the new high-risk customer and also must provide adequate training so that employees understand how to monitor the new risks effectively. Hot topic 2: Culture of compliance Culture of compliance was another hot topic among both bankers and regulators, who were in broad agreement on its importance to successful BSA/AML compliance and risk management. Regulators and bankers pointed to FinCEN s advisory as a key resource in promoting a culture of compliance. The letter summarizes and consolidates key elements in the FFIEC BSA Examination Manual and previously issued guidance. During the bankers hot topics session, the following attributes were highlighted as essential for a culture of compliance: Tone at the top from the board and management Buy- in from the business lines Sufficient independence for the compliance function Accountability for BSA/AML compliance at all levels management, front-line staff, the board and compliance Compliance incorporated into performance evaluations Regulators offered additional insights during their session, stressing that the advisory outlines how to make BSA/AML a priority, by ensuring that the board of directors understand the risks of noncompliance, and additionally by emphasizing emphasizing the importance of providing sufficient resources and training across the organization. Regulators also emphasized the importance of eliminating information silos so that information gets to where it is needed, partly by ensuring that everyone within the institution understands the importance and value of AML/BSA data. Other tips from regulators include: Consider including a BSA/AML component in your employee evaluations. Examiners are increasingly stressing the importance of a BSA/AML compliance factored into employee performance evaluations and compensation decisions. Avoid having compliance report to your business lines in order to maintain independence and avoid having information compromised. Focus on adherence, not just policies and procedures. While most banks now have relatively sound policies, adherence to them remains an issue. Processes should be in place to ensure compliance on an on-going basis. Don t just have sticks have carrots, too. Programs that reward compliance and ethical behavior can be very effective. Finally, a culture of compliance will not only help to prevent compliance issues, it can also help mitigate the severity of an enforcement action should a violation occur. Hot topic 3: Information sharing The Department of the Treasury s Financial Crimes Enforcement Network (FinCEN) and bankers have concerns with the current use of 314(b) voluntary information sharing among financial institutions. USA Patriot Act section 314(b) allows financial institutions to share information with each other in order to identify and report to the federal government activities that may involve money laundering or terrorist activity. The following are a variety of the reasons outlined by financial institutions to improve upon section 314(b). The inconsistent interpretations among various courts concerning the safe harbor protections for banks are making some banks reluctant to share information. The workload required to respond to section 314(b) requests represents an added cost, particularly for community banks. Community banks, in particular, complain that larger banks fail to respond to requests. Larger banks complain that they often receive requests for basic information that the requesting institution should be obtaining on its own. Banks are unable to share SAR information with foreign affiliates. FinCEN representatives indicated they are working to improve the information sharing program, including strengthening the safe harbor protections. BSA/AML technology industry and regulator perspectives The right IT tools are vital to your BSA/AML compliance effort. But what s working and what isn t? The following tips came from a panel that included industry and regulatory representatives who are focused on the effectiveness of AML tools at institutions across the country. 2

Management buy-in is vital. If your leadership does not understand BSA/AML risks and the vital role that your systems play in controlling them, they are unlikely to support sufficient investment in your BSA/AML compliance effort, including your IT tools. Don t leave AML development only to your IT department. Make sure that compliance is included in system acquisition, design and tuning decisions. Communicate with your examiner. If you are aware of issues in your institution, whether with your systems or elsewhere, be up front. This will create a better relationship and could help avoid or mitigate enforcement actions. Customer risk rating is very important. You can have a great monitoring system, but if you have not rated customers properly, you are likely to miss activity that needs further review. Do not assume your affiliates are low risk. Treat them with the same scrutiny that you would apply to any other correspondent relationship. Ask whether they are nesting relationships, and make sure you know what activities they are actually involved in. Make sure your monitoring software is capturing all appropriate wire transfer information, especially fields in various Society for Worldwide Interbank Financial Telecommunication (SWIFT) forms, such as fields 70 or 72 in a SWIFT MT 103, MT 202 and MT 202 COV. Is this information being reviewed to determine if there are any potential OFAC violations? Is the correct data in the correct fields? Without the right data, you aren t actually monitoring your activities or controlling your risks. Test system thresholds before you implement them. Before you establish or modify your thresholds, test them to make sure they are generating the right results. Don t modify system thresholds to manage backlogs. If your system is generating a high level of alerts, escalate the issue to management and develop a plan to address it. When evaluating thresholds, check how often a rule triggered a SAR. If your rules never trigger SARs, you may not be capturing the right activity. On the other hand, just because you are filing a lot of SARs does not mean your system is capturing adequate data. Don t automatically close alerts. Excessive alerts may mean that your system parameters are not set up properly or that you don t have sufficient staff to address them on a timely basis. Evaluate your analysts by how many SARs or escalated cases they generate, not just by how many alerts they close. Analyzing your SARs allows you to test the effectiveness of your rules and threshold, provides vital information about customer relationships, reveals transaction patterns and much more. But you can t analyze what your analysts don t generate. As part of your BSA/AML compliance efforts, you will have to ask customers and business lines for information. Have a system in place to track those requests, to ensure that you receive responses and to ensure that those responses adequately address the concerns raised. Finally, banks everywhere are scrambling for skilled BSA/ AML talent. Ask your employees to help. Employee referrals can be a great way to find talent. In addition, cross-training, providing additional opportunities to learn new skills or take on responsibility can help retain the existing employees Correspondent banking In an increasingly global economy, correspondent relationships are one way to expand your financial institution s geographic reach. But they come with their own unique set of BSA/ AML concerns. The FIBA conference panel on correspondent banking found that the risk factors involved in correspondent banking haven t changed, but that the risks are more clearly understood, and that many of the risk issues and controls used in foreign correspondent banking relationships are now being used in domestic correspondent relationships as well. Here are some highlights from the panel: When considering foreign correspondent banking relationships, look at the level of risk as a whole. Consider the nature of the relationship between the corespondent bank and its customers. Can you rely on the correspondent bank s policies and procedures or audit information? Or will you have to provide your own due diligence? On the enforcement front, few actions involving correspondent banking relationships were close calls. Common issues that resulted in breakdowns of the U.S. bank s BSA/AML programs included issues resulting from transactions involving new technologies or payment systems, and resource constraints, especially banks that were downsizing their compliance staff during times of heightened risk. A new asset is on the horizon that will help with correspondent banking relationships. SWIFT is setting up a know-your-customer database in which all 7,000 of its users can provide information for free. What do changes to OFAC Cuba sanctions mean for you? On Jan. 15, 2015, the Department of the Treasury s Office of Foreign Assets Control (OFAC) published amended regulations regarding Cuba to implement policy changes announced by the Obama administration on Dec. 17, 2014. Following is an overview of those changes and some issues you may need to consider. Credit cards Credit cards can now be used in Cuba for authorized transactions. The trick is determining which transactions are authorized. OFAC regulations indicate that the government will rely on credit card users to make that determination. What is unclear, however, is what degree of oversight issuing financial institutions are required to provide to help ensure cards are not being used for unauthorized purposes. Currently, MasterCard has removed all blocking of transactions in Cuba. Your institution may, however, wish to continue to block Cuban transactions until the OFAC offers more refined guidance on its expectations for monitoring those transactions. If so, you need to work with your credit card company to ensure it continues to block Cuban transactions. 3

Wire transfers U.S. financial institutions are now authorized to process foreign-to-foreign wire transfers involving Cuban parties if the underlying transaction would have been authorized if conducted by a U.S. person. While these wire transfers will no longer be blocked, you can still choose to reject them. You are still responsible for reporting all rejected transactions to the OFAC. The challenge? There is not yet definite guidance on determining if a transaction would have been authorized if it had been conducted by a U.S. person. Trade finance Prior to the new regulation, all Cuban transactions required cash before shipment. Now they require cash before change of title. This allows the financing of goods while they are being shipped. Accounts for Cuban nationals OFAC now allows financial institutions to open accounts for Cuban nationals who are in the United States on visitor status. You will, however, be required to block the account once the account holder returns to Cuba. So you need to consider how you will monitor the account holder s location. Correspondent accounts U.S. financial institutions are now allowed to open correspondent accounts with Cuban banks to facilitate authorized transactions. Cuban banks, however, are not allowed to open correspondent accounts with U.S. banks. The challenge will be ensuring sufficient oversight to ensure that transactions conducted through such accounts are authorized. Travel provisions The new regulation makes a number of changes regarding travel: Only one general license is required for travel. The per diem has been eliminated. Travelers may take $10,000 in cash to Cuba. Expenses incurred must be related to the trip (e.g., lodging, food, etc.). Travelers may only bring $400 of Cuban goods back to the United States, of which only $100 may be tobacco products. Airlines must maintain records of each traveler s purpose for visiting Cuba. Remittances Families continue to be allowed to make unlimited remittances. The regulation increases the limit for nonfamily remittances from $500 to $2,000 per quarter, provided that: The remittance is not made from a blocked source. The recipient is not a prohibited official of the government of Cuba or the Cuban communist party. The remittance is not made for emigration purposes. The remitter is 18 years of age or older. For purposes of remittances, the regulation defines an authorized transaction as follows: Travel-related expenses Export remittances The regulation now allows the following categories of goods to be exported to Cuba, but only to the private sector: Materials for building Tools for agricultural use Tools for auto mechanics Cuban government import agencies may import eligible goods provided the end user will be in the private sector. For financial institutions, the compliance challenge around remittances is ensuring that they go to private sector parties, which are not owned or controlled by the government. However, OFAC has not defined ownership or control, so due diligence expectations for financial institutions are not yet clear. Cuban currency Cuba currently has three different types of currency: chavito, peso and letter of credit. The Cuba government is working to unify the currencies without shocking the economy. Because the changes to OFAC regulations for Cuba are so new, they provide minimal guidance now, but further guidance is expected. Financial institutions should contact OFAC with questions. More information is also available on the Department of the Treasury site. Financial institutions and credit-card companies may need to enhance CDD in order to monitor compliance of customer accounts. You also may need to be prepared to monitor other issues, such as why a traveler might make numerous trips, bringing $10,000 in cash each time. 4

+1 800 274 3978 www.rsmus.com This document contains general information, may be based on authorities that are subject to change, and is not a substitute for professional advice or services. This document does not constitute audit, tax, consulting, business, financial, investment, legal or other professional advice, and you should consult a qualified professional advisor before taking any action based on the information herein. RSM US LLP, its affiliates and related entities are not responsible for any loss resulting from or relating to reliance on this document by any person. RSM US LLP is a limited liability partnership and the U.S. member firm of RSM International, a global network of independent audit, tax and consulting firms. The member firms of RSM International collaborate to provide services to global clients, but are separate and distinct legal entities that cannot obligate each other. Each member firm is responsible only for its own acts and omissions, and not those of any other party. Visit rsmus.com/aboutus for more information regarding RSM US LLP and RSM International. RSM and the RSM logo are registered trademarks of RSM International Association. The power of being understood is a registered trademark of RSM US LLP. 2015 RSM US LLP. All Rights Reserved. wp_fi_1015_2015_fiba_conference

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback