3 reasons to consider BSA/AML resource sharing
AML AND COMPLIANCE NEWS |
The banking community has widely recognized that the cost of compliance is increasing, particularly the cost of maintaining a sound BSA/AML program. The push to maintain effectiveness while controlling the rapid increase in the cost of compliance has resulted in unintended consequences, including restriction of access to banking services for certain customer segments, e.g., money service businesses (MSB) and correspondent banking.
In response, an interagency working group has formed aimed at improving the effectiveness and efficiency of the BSA/AML regulatory environment. The interagency working group includes representatives from the Federal Reserve
System, Federal Deposit Insurance Corp (FDIC), U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN), National Credit Union Administration (NCUA), and the Office of the Comptroller of the Currency (OCC) and is committed to providing ongoing guidance through continued engagement with the private sector. To date, the working group has issued two joint statements. The first, an Interagency Statement on Sharing Bank Secrecy Act Resources dated Oct. 3, 2018. This guidance signals that the regulatory agencies are open to banks developing alternative solutions for identifying efficiencies without sacrificing the quality and reliability of a bank’s BSA/AML program. This, along with other recently issued guidance like the OCC Office of Innovation Guide for Community Banks, are encouraging signs that the regulatory agencies are looking to partner with banks in generating ideas to make sure the business of banking is evolving and sustainable.
Most recently, a second Interagency Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing was issued dated Dec. 3, 2018. The guidance focused on enhancing processes around risk identification, transaction monitoring and suspicious activity reporting by encouraging the private sector to turn to innovation. Specifically, the guidance highlights trends in the areas of specialized financial intelligence units, artificial intelligence and digital identity technologies; however, the overreaching tone signals a much broader effort to open further the channels of communication between the agencies and the private sector; evidenced by the establishment of the OCC Office of Innovation. Most notably, the guidance suggests that banks that identify program gaps as a result of innovative approaches, but otherwise maintain an effective BSA/AML compliance program, will not be penalized or criticized. In turn, banks that choose not to pursue an innovative approach will not be penalized for that decision.
While both pieces of guidance offer an encouraging tone, it leaves many bankers wondering how they can apply this at their institution. We’ve identified three areas where banks can consider applying the guidance to realize the benefits of resource sharing through innovation.
1. Reconsider products, services or customer segments abandoned due to cost of compliance
For a long time, the cost of compliance was not considered when making strategic decisions about new products or services. Decisions were driven mostly by market opportunity with compliance expected to “make it work.” At some point, the pendulum swung and the cost of compliance was disproportionately driving the decisions about whether to enter or exit a product/service/segment, which was limiting the ability of community banks to serve the needs of their markets. We already mentioned the example of MSBs. Banks were turning away from entire segments like this rather than establishing the ability to stratify clients more confidently and accurately based on their individual risk factors. This was occurring so frequently for MSBs that the OCC issued a Statement on Risk Management for Money Service Businesses in 2014 encouraging banks to evaluate MSBs based on their individual characteristics rather than rate all high risk. This same idea can be applied to any clients or services that are traditionally regarded as higher risk, including third-party payment processors, clients with exposure to certain geographies and correspondent banking products. Often, the speed and effectiveness in compliance administration of these clients increases when the employee performing the functions has greater understanding of the risk exposure. Resource sharing could open up access to more specialized employees. This could also create opportunities for banks to share the cost of better research tools to reduce the amount of time associated with compliance further.
2. Share the hidden costs associated with maintaining effective suspicious activity monitoring software
The vast majority of bank BSA/AML programs rely heavily on the output from suspicious activity monitoring software. Annual budgets for suspicious activity monitoring software must not only consider the cost of licensing the software, but also the cost of additional tools. Such tools include customer risk scoring, case management, SAR reporting, OFAC sanctions screening, and CTR reporting.* The software, once implemented successfully, is only one cost consideration and still requires effort to adjust for changes, troubleshoot, tailor rules, and periodically, validate the system output. Like any software tool, issues that require resolutions are bound to crop up. Something as simple as a small change in a feeder system can affect the accuracy of the information transferred in the daily interface to the monitoring system. The responsibility for troubleshooting the system is often absorbed by the BSA/AML department or the bank’s information technology function. These software-related matters can take a tremendous amount of staff time even when managed in partnership with the software provider. Having a staff member who is a system specialist can pay off significantly in improved efficiency by reducing the amount of time spent troubleshooting problems and optimizing the bank’s use of the tool. Banks may have tremendous opportunity to share resources that have developed specialized knowledge of the monitoring software. There may even be opportunity to identify a close peer institution with a similar model and customer profile, and share a resource that maintains a portfolio of mirrored rules, which can be continuously maintained and optimized by the shared resource. This could potentially reduce the cost of system maintenance as well as validation long term.
3. Fulfilling ongoing training and professional development requirements
As a core requirement for a sound and satisfactory BSA/AML program, building a comprehensive ongoing training curriculum continues to be of primary focus for auditors and examiners alike. Building an effective training program can be a challenge for many institutions, with the need to cover various channels, including new and existing employees, board of directors and executive management, and specialized training for the BSA/AML department. Maintaining an in-house training resource with the required specialized knowledge can be cost prohibitive, and in many instances, web-based training can leave a lot to be desired. This need may open up the opportunity to retain a specialist who will assist institutions in shaping an ongoing BSA/AML training program that is more agile and ready to respond to current topics in the marketplace. As the emphasis on the knowledge and qualifications of the resources within the BSA/AML department also continues to grow, a shared resource could be a valuable aid in preparing members of the department for costly certification exams.
As with any new initiative, proper governance and plans for monitoring accountability should be built into the plan prior to implementation. As the resource sharing guidance indicates, any resource sharing arrangement must be governed by a contract between the parties that includes roles and responsibilities and clear provisions for protection of confidential information amongst other things. In developing these provisions, the bank should anticipate the potential challenges associated with this type of arrangement, including the potential for disproportionate use of the resource’s time and the need to exit the arrangement with an appropriate notice period as the bank’s circumstances change. Innovations can be approached by running pilot programs parallel to existing BSA/AML processes. Both pieces of guidance emphasize the need for a proper evaluation of associated risks by management, and careful consideration before discontinuing existing practices in favor of these innovative approaches. In conclusion, always be sure to innovate responsibly.
If you are looking to evaluate your program structure for opportunities to share resources or redesigning functions for longer-term cost sustainability, our BSA/AML specialists can help. RSM will be announcing results of an AML Survey on Beneficial Ownership early spring 2019, sign up for our newsletter to be notified when the survey is released.
*The RSM BSA/AML survey is referenced throughout this white paper. The survey is available here and included banks ranging in size from $50 million-$20 billion in assets.