This week’s FinCEN Advisory to U.S. Financial Institutions on Promoting a Culture of Compliance is a stark reminder that the operational execution of BSA/AML compliance needs to be front of mind with everyone in your organization, not just those who work in compliance roles. In the same way that customer service, profitability, and employee ethics have become ingrained as corporate values and principles, BSA/AML compliance must be an equally integral part of the culture that is visibly executed within your organization.
The guidance provided by FinCEN proves the importance of an enterprise-wide culture of compliance that impacts every level of your organization, from leadership to information sharing to having adequate human and technical resources available to ensure an effective program for BSA/AML compliance. The message from FinCEN is that it’s time to take a critical look at your Anti-Money Laundering program and understand just how far your culture of compliance goes.
Here are three important actions that Financial Institutions should take to heart following FinCEN Advisory since we expect more regulatory action to occur as a result of failures in these areas over the next several months.
1. Take visible action – Institution leaders should take notice of a shift that is taking place with regard to accountability in the eyes of regulators for failures in BSA/AML Compliance. Certainly the increasing value of fines for compliance failures have Senior Executives concerned about institutional liability, but statements from regulators throughout 2014 about their intentions to act on holding individuals personally liable have been backed up by actual events.
The FinCEN guidance underlines statements and guidance that it, other regulators and prosecutors have been highlighting all year long. If failures in BSA/AML compliance are found within the institution, we can expect to see compliance officers, business managers, executive management and possibly board members being held personally responsible if they are determined to be the weak link, unaware of their institutions policies, procedures of fail to visibly engage and demonstrate their commitment to BSA/AML compliance.
2. Allocate authority – In an increasingly competitive market following the global financial crisis, there has been intensification in the tug-of-war between back-office BSA/AML compliance and front line business development. Keeping in mind that customers that generate the greatest amount of revenue for the institution also often carry greater risk, FinCEN is guiding institutions to ensure that revenue interests don’t outweigh efforts to mitigate money laundering risk or otherwise tip the balance of a balanced risk-based approach to BSA/AML compliance strategies.
With this guidance, FinCEN is supporting the earlier point made about effective leadership and personal accountability by encouraging firms to allocate the appropriate authority and autonomy to those parties within the institution for carrying out and enforcing BSA/AML compliance. Officers should take this advisory to their senior executives as evidence that regulators expect such powers and authority to be granted, serving as demonstration of their commitment to a Culture of Compliance.
3. Monitor and test – Leadership’s allocation of resources and authority will not be enough to satisfy regulatory scrutiny for BSA/AML compliance. A clear understanding of the institutions level of exposure to BSA/AML risk, along with programs to monitor and manage the risk is an additional expectation of regulators.
A program of independent testing of the BSA/AML compliance, ongoing risk assessment and subsequent risk controls is essential to ensure that proper evidence can be given to examiners to the soundness and effectiveness compliance efforts. FinCEN stressed the importance of the integrity of such testing as it relates directly to the integrity of the executing of BSA/AML compliance within the firm. Firms should develop and/or review programs, teams and oversight to ensure that BSA/AML Compliance Program testing comprehensively evaluates the program, identifying any gaps and develops plans for remediation. The testing of the program should be carried out by an independent party that is competent in BSA/AML compliance with no conflicts of interest as to the results of the evaluation and test results.
NICE Actimize has been focused on this new emphasis regulators, and FinCEN in particular, have been echoing for the last several months. We believe that creating a Culture of Compliance within financial institutions is the next evolutionary step in BSA/AML compliance. Achieving such a culture takes coordination across the entire organization, and starts with the firm’s leadership and demonstrative commitment.
Consistency and collaboration are essential to ensure that processes become everyday practice, and the right, purpose built technology can help ensure goals become achievable reality. Changing the culture of an organization is hard work, but turning intention into action is essential to achieving an effective and viable Culture of Compliance.
Content originally published by Joe Bognanno