Build A Solid Foundation That Will Help You Detect and Combat Financial Crimes
Prospective homebuyers want properties with “good bones,” whether buying new construction loaded with smart technology or a 200-year-old historic farmhouse that needs tender loving care.
Good bones assure buyers that a property is structurally sound, provides a safe environment, and will be a solid long-term investment.
Similarly, a financial institution’s AML/CFT Compliance Program needs “good bones” to effectively detect and report money laundering, terrorist financing, and other financial crimes.
Design Robust Pillars
The bones of an AML/CFT Compliance Program are its Five Pillars.
Here, we break down and assess the Five Pillars by drawing parallels to building a house. If the Pillars are weak or poorly designed and constructed, the AML/CFT Compliance Program will not stand. Additionally, these Pillars can’t exist in independent silos; they must work together and distribute weight to support the Program across the entire institution.
Using the analogy of home construction, here’s one way to think about the five pillars and what’s needed for them to be effective.
- The Blueprints – Develop a system of internal controls to assure ongoing compliance.
- The General Contractor –Designate an AML compliance officer to coordinate and monitor day-to-day compliance.
- The Well-Trained Crew – Providetraining for appropriate personnel.
- The Building Inspector – Conduct independent compliance testing by bank personnel or an outside party.
- The Materials – Perform customer due diligence.
Since compliance isn’t only a function of the AML/CFT Compliance Department, creating an institution-wide structure is critical.
Grab your tool belt and favorite power tools. It’s time to build the AML/CFT Dream House.
Develop Your Blueprints
Construction of a new house begins with a set of blueprints specifying how the house should be built. For example, builders must comply with building codes for new construction and renovation.
In an AML/CFT Compliance Program, the blueprints are akin to the Risk Assessment and the written policies, procedures, and processes that define how a financial institution will comply with regulations.
In addition, a home’s blueprints contain many elements: site plans, floor plans, and structural drawings, for example. Similarly, blueprints for BSA Compliance Program comprise several elements such as the various federal, state, and local regulations.
Identify Institution-Specific Risks
The first element of an AML/CFT Program blueprint should be the Risk Assessment, the foundation for developing policies and procedures. It identifies institution-specific risks and controls needed to mitigate those risks to an acceptable level as determined by the Board of Directors and Management.
The Board of Directors is responsible for creating a culture of compliance and establishing clear policies to manage AML/CFT risks. Such policies should convey the Board’s expectations for BSA/AML compliance across the institution. It also should ensure that senior management integrates compliance objectives, including measurable goals and corrective actions when compliance failures are identified.
Create Effective Procedures and Policies
The next level, Procedures, more specifically define how a Policy will be implemented for each regulatory component across all systems, reports, parameters, and other relevant parts of the institution’s compliance structure.
Finally, processes may be developed to provide more granular instructions around procedures. These may be standalone documents that offer greater detail about completing a specific portion of a Procedure.
Put It in Writing
It’s essential to document policies, procedures, and process.
A blueprint that exists only in the General Contractor’s head is useless to carpenters, plumbers, or electricians. Similarly, if a compliance process for isn’t written down, a breakdown in communication and controls can occur, especially if there are personnel changes. New team members would have no blueprint for training or understanding how the process works. Thus, a well-written program ensures business continuity and that a BSA Program is viable even with employee turnover. business interruptions.
Anticipate And Accommodate Change
Just as building codes evolve, regulatory expectations of AML/CFT Compliance Programs also change frequently. evolve. Therefore, regularly evaluating an AML/CFT Compliance Program’s blueprints is necessary to mitigate risks associated with new products, customer segments, geographic locations, programs, systems and forms, and other changes.
Changes to policies and procedures should begin with the Risk Assessment, and the BSA Risk Assessment should be updated periodically so the program evolves as the institution’s risk profile changes.
Significant changes such as mergers and acquisitions, adding bank branches, and system changes also may necessitate a Risk Assessment update. Periodic reviews should also be conducted to identify potential risks that come with new product or service offerings, vendor changes, and so forth. A In addition, a strong Change Management process is critical for documenting and tracking AML/CFT Program changes.
This process must include keeping the Board of Directors and Senior Management informed about changes and the rationale behind them, as well as getting the Board’s approval of changes. Further, changes that occur in nearly all sectors of the institution should be documented in the Risk Assessment to show the impact they may have on the BSA Program.
Establishing the Blueprints of a BSA Compliance Program can result in a solid BSA Dream House that can last and adapt to change. Moreover, a strong BSA Compliance Program contributes to the stability and growth of the financial institution.
Connecting The Blueprints to The Other Pillars
The General Contractor: The AML/CFT Compliance Officer should be knowledgeable about applicable regulatory requirements as well as the institution’s customer base, products and services, and geography.
TheAML/CFT Officer also must have the tools and resources to effectively manage the AML/CFT Compliance Program. In addition, an adequately trained backup person for the BSA Officer ensures program continuity.
The Well-Trained Crew: A well-trained crew across all levels and roles in the financial institution are able to complete their portions of the Blueprints and understand how their “trade” contributes to the BSA Program. Without adequate knowledge of the institution’s policies, procedures and processes, the Crew won’t know how to implement the Blueprints. Thus, training should go beyond the basics covered in online programs and staff should be trained on internal policies and procedures and be kept up to date on regulatory and procedural changes.
The Building Inspector: Independent Review supports the Blueprints at the design and implementation level. The Independent Reviewer can spot deficiencies in the Program that may stem from regulatory changes or someone not following the institution’s policies and procedures.
The Materials: High-quality customer due diligence (CDD) information is critical to helping the contractor and crew deliver the best final product. As a required pillar of the Program, CDD is crucial in assessing customer risk. Effective CDD processes during account opening and throughout the customer relationship can identify associated risks with each customer and determine necessary controls to mitigate them. In the construction world, higher-quality materials used at the outset make it easier to avoid unnecessary repairs.
The CDD Rule (“the Rule”) amendment to the Bank Secrecy Act states there are four required components of CDD. On its website, FinCEN states the CDD Rule, “requires covered financial institutions to establish and maintain written policies and procedures that are reasonably designed to:
- identify and verify the identity of customers.
- identify and verify the identity of the beneficial owners of companies opening accounts.
- understand the nature and purpose of customer relationships to develop customer risk profiles.
- conduct ongoing monitoring to identify and report suspicious transactions and, on a risk basis, to maintain and update customer information.
The first three components happen at onboarding of a new customer or account and can be likened to the new construction of a home. The fourth component is similar to a home’s ongoing maintenance that allows it to last for generations.
The Final Build
Building a BSA Program with “good bones” benefits everyone associated with an institution: the Board of Directors, employees, and customers.
Investing in properly constructing and maintaining an AML/CFT Program will ultimately benefit the institution’s bottom line too. After all, examiners increasingly have been critical of AML/CFT Programs and have issued consent orders and fines for insufficient programs, and institutions and their customers have paid for the effects of financial crimes by falling victim to international money laundering scams in recent years.
A quality build that supports an institution’s long-term goals comes from giving attention and resources to all Five Pillars of an AML/CFT Program. Without such effort, the institution will face extensive, expensive, ongoing upgrades.
TCA – A Better Way!
