Do you or does your company engage in transactions with foreign companies or individuals? Do you have business or financial relationships with any kind of foreign entity that exists within a country or region that is on a Federal watch list?
The Office of Foreign Assets Control (OFAC) may be more important to you than you think. It is often cited as one of the most powerful Federal agencies most people have never heard of. To illustrate its power, OFAC settled for a $1 billion fine on BNP Paribas in June 2014 for money laundering on behalf of Sudan and other entities, part of a whopping $9 billion penalty in total.
OFAC is a U.S. Department of the Treasury agency that enforces trade and economic sanctions in support of U.S. foreign policy and national security. Its emphasis is on anti-money laundering actions against both state and non-state actors to combat foreign terrorism, drug trafficking, arms dealing, and other threats to national security. Its broad mandate as part of national security policy and very potent powers make it important for you to know how to cope with the sanctions risks it poses. … Continue reading
One of the most important components of BSA/AML compliance is a Customer Identification Program (CIP). After all, money laundering is done by people who do not want to be discovered, and most of them pose as legitimate customers. The shorthand phrase “Know Your Customer” (KYC) means that a financial institution has to have a reasonable belief based on due diligence that its customers are who they say they are and are acting within the legal framework.
The first requirement is to have a thorough understanding of BSA requirements, broadly conceived to include all the applicable laws and regulations. Knowing these will enable you to investigate potential customers for relevant risk factors. Beyond basic identity and records requirements, applicable regulations may target certain currency transactions, potential structuring techniques, identifying types of suspicious activity, and so forth.
A compliant CIP has three major components to due diligence: planning and implementation, oversight and accountability, and independent auditing. Each of these may be more or less complex depending on the financial institution’s business lines, size, structure, and risk profile. The regulatory agencies, such as FinCEN, expect your institution’s compliance program to be unique to it on a risk-adjusted basis, but they will look at the components of a CIP to ensure they are effective. … Continue reading
By their very nature, money launderers will go to great lengths to cover their tracks. In the process, they use the normal activities of legitimate businesses like banks, credit unions, money service businesses, and other financial services organizations to help them “clean” ill-gotten gains. One of the strongest tools financial institutions have in combating the covert use of their services for illegal ends is to Know Your Customer (KYC).
The Mandate for BSA/AML Compliance
The problem is that the legitimate businesses used for money laundering may inadvertently fall into non-compliance with Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) requirements. Since the flow of funds through money laundering can be used to finance drug-related, terrorist, or other illegal activities, the issue has been raised to the level of national security policy. There is little wriggle room: virtually all financial services businesses are responsible for designing and implementing risk-based anti-money laundering controls.
Several units of the U.S. Department of the Treasury are charged with promoting, monitoring, and enforcing compliance with anti-money laundering rules, including the Financial Crimes Enforcement Network (FinCEN), which has oversight of the system as designated administrator for BSA/AML compliance. Financial institutions that are found to have facilitated money laundering, even if inadvertently, can be heavily fined. … Continue reading
Like every other important function in a financial entity, a BSA/AML compliance program cannot be expected to operate on autopilot. Managers and employees have to be aware of their responsibilities in the compliance program, and contribute actively as needed. Appropriate training is necessary to transform a compliance program design into an effective on-going operation.
The content and depth of training protocols will vary depending on the size, type, complexity, and risk profile of the organization. However, the Bank Secrecy Act and related laws require that covered organizations have the ability to implement business-specific anti-money laundering programs to help enforce the laws. Broadly speaking, the training program that will enable the organization to do this has five elements.
1. The Board of Directors and Senior Management have to maintain oversight.
As part of a “culture of compliance,” top managers have to be fully informed about the policy issues involved in BSA regulations and authorize the resources needed to comply. They should periodically monitor and evaluate the compliance program based on a risk adjusted evaluation (audit) as well as reports on internal controls. Ultimately, the organizational risk due to money laundering needs to be fully understood at this level, both with respect to the consequences of the crime as well as of non-compliance. … Continue reading
Anti-Money Laundering (AML) regulations for financial institutions—including most cash-handling businesses like armored car services—are risk-based. That is, the regulations recognize that the tremendous variation in the regulated businesses requires an approach that adjusts based on the risks a business actually faces.
Thus, the first step toward compliance with BSA/AML requirements is to perform an assessment of risk to produce a risk profile of the business. The risk profile will form the basis for a compliance program that will be subject to review by regulators and may be exposed to enforcement actions, so it is critical to get it right.
The risk assessment is conducted in two steps: (1) identify the specific risk categories for a business, and (2) evaluate these risks as they pertain to BSA/AML. … Continue reading