QUESTION
We are a credit union with several branches. Our concern is that we don't believe we have a comprehensive training program for BSA/AML. We are going to have a regulatory examination soon, and I think we will be written up for having an incomplete training program and aids. But that's just one of the weaknesses.
We need some direction here. First, our compliance manager is contacting your firm to review our written AML program. Second, we need to know the areas of weakness that regulators often find in our AML program.
What are some areas of weakness we can anticipate being reviewed in an AML examination?
ANSWER
If you expect the AML examination soon, you and other subscribers can contact us here.
We have conducted hundreds of AML risk assessments over the years, and the findings regarding BSA/AML vary depending on the financial institution's risk profile, size, complexity, and products and services. Still, there is a common grouping of weaknesses that tend to recur.
Before listing the more salient, I urge you to segment your responsibility matrix for those personnel involved in the Anti-Money Laundering review process. Regulators take a keen interest in evaluating whether an institution properly allocates responsibilities and authorities along the chain of command in reviewing AML data.
Segmenting the specific responsibilities will make the written AML program easier to execute. Importantly, the regulators will be able to determine that your institution is complying in a procedurally reliable way.
I will segment the responsibilities into four groups: (1) Frontline Staff, (2) Operations Staff, (3) Board of Directors, and (4) New Personnel. Now, consider the following brief description of each. You can take these responsibilities as a "starting point." I suggest you broaden them to reflect your institution's normative information paths.
Frontline Staff
Responsibilities
- CTR reporting requirements,
- Recognizing suspicious activity,
- Completing a SAR,
- Customer Identification Program due diligence, and
- Office of Foreign Assets Control (OFAC) requirements (if applicable).
Operations Staff
Responsibilities
- Wire transfers,
- ACH Transactions,
- Debit, Credit, Gift Card Transactions
- Recognizing and reporting suspicious activity related to applicable financial products and services, and
- OFAC requirements (if applicable).
Board of Directors
Responsibilities
- Methods to enhance the importance of BSA/AML requirements,
- Consequences and risks of noncompliance, and
- Changes and new developments in the BSA laws and regulations.
New Personnel
Responsibilities
- Orientation for BSA/AML overview,
- Jobs requiring performance of BSA/AML and/or OFAC duties must receive thorough training prior to starting the position.
There are eight recurring weaknesses we have found through our AML risk assessments. I will list them here, with the caveat that they are by no means meant to be comprehensive. Also, keep in mind our AML test audits and risk assessments are focused on residential mortgage loan originations and servicing compliance.
My advice is for you to review your written AML program to ensure you cover these areas with respect to policies, descriptions, and procedures. And be sure to test them!
Some Commonly Recurring Weaknesses
in
Anti-Money Laundering Programs
- Customer ID Program requirements.
- Timely 314(a) reviews and CTR reports.
- Independent audits must address all the issues they identify.
- BSA policies should note both the BSA/AML officer and the backup BSA/AML officer.
- Risk assessments must consider all new products and services.
- Confidentiality of all SARs must be maintained at all levels of the institution.
- BSA training is kept current and available; examiners scrutinize training records and materials.
- Customize the BSA/AML training program to employees' specific responsibilities.
Chairman & Managing Director
