AML Professionals simply want the BSA to work..
Whether in open hearings before Congress, at conferences, or in closed-door sessions such as our recent AML RightSource Symposium, when AML community leaders discuss their challenges, the themes are constant—the bifurcated nature of the Bank Secrecy Act prevents success. Success, as has been defined many times, is to get information into the hands of law enforcement.
Over the course of the day, the group of AML leaders covered a broad range of issues including internal audit, examiners, third party vendors and technology and all seemed to arrive at the same place—much of the infrastructure surrounding AML sometimes contributes to inefficiency and misplaced allocation of resources. Some examples follow:
Internal Audit—what are you doing?
A consistent theme was the challenges of navigating internal audit review of the BSA program. A number of folks made clear that training of auditors was sorely lacking and that the AML team “knew it better” than the auditors. Many auditors seem to come to their reviews with preconceived notions such as “cash is always bad.”
Solutions to this dilemma that were discussed included more robust AML training, but also inviting audit to the table regarding new products and services and explaining at the front end how the various risks are being covered. In fact, a day-long theme for all the challenges was the importance of cultivating relationships and improved communications.
On the last point regarding communication, is the clear need for auditors to be trained in (or hopefully hired with) writing skills. A former auditor attending our symposium admitted how much more he now knows after joining the AML compliance part of the business.
You have to know what you don’t know.
Regulatory Examiners—Training and Reaching out to Law Enforcement is key
By following the well-known “Chatham House Rules” our participants offered excellent insight into the age-old problem of regulatory form over substance. There were several examples of examiners that worked well with institutions, but all too often the examples enumerated inconsistencies and the real obstacles to either appealing or even debating a position taken by a regulator with no basis in rule or regulation.
Similar to internal audit, the examples of preconceived notions were rampant as were complaints regarding the entire SAR process.
The group was optimistic that if the various congressional AML reform bills pass with provisions addressing SAR filings on activities such as structuring, there could be reductions to the massive costs and improved efficiencies on filings. However, there was also a clarion call for changes to how examiners (and auditors for that matter) review the failure to file SARs and how the timing of those filings is calculated.
The focus on when SARs are not filed and the many examples of examiners refusing to defer to the institution in the face of documented analysis of why a SAR was not needed is prime evidence of the inefficiencies of BSA oversight by regulators.
For example, here is what FinCEN has said on not filing:
“Due to the variety of systems used to identify, track and report suspicious activity, as well as the fact that each suspicious activity reporting decision will be based on unique facts and circumstances, no single form of documentation is required when a financial institution makes a decision not to file.” (https://www.fincen.gov/sites/default/files/shared/sar_tti_10.pdf#page=47)
Added to that were others who received differing opinions from examiners on when the clock begins to run on SAR filings. Some were told that that the SAR clock starts when an alert is generated; others when the investigator makes the call and still others when the supervisor signs off.
Going back to the same guidance cited above, FinCEN has been pretty clear:
“What constitutes a “reasonable period of time” will vary according to the facts and circumstances of the particular matter being reviewed and the effectiveness of the SAR monitoring, reporting, and decision-making process of each institution. The key factor is that an institution has established adequate procedures for reviewing and assessing facts and circumstances identified as potentially suspicious, and that those procedures are documented and followed.”
So why are examiners confused? Training, training, training…
Many other topics but similar themes
We will add to these great discussions in future postings but for now it is important to note our participants were also concerned about vendors who sold products that were not modified to their institutions, made self-serving recommendations hoping for additional business and grappled with technology discussions on machine learning and artificial intelligence that frankly were not as valuable as currently constituted.
All that participated simply wanted one thing—for their AML work to matter.
Optimism exists but for now, the song remains the same.
*The opening track from the 1973 Led Zeppelin album, “Houses of the Holy.” The album was #1 on the Billboard charts.