ABA Bank Compliance - July/August 2014

Community Banks and Learning from BSA Enforcement Actions:

Hindsight is 20/20

Most community bank compliance professionals likely think, Okay, what did the bank do this time, and do I really have time for this with everything else on my to-do list? This is obviously a choice that must be made, but when it comes to Bank Secrecy Act/Anti-Money Laundering (BSA/AML) enforcement actions, the answer should be “Yes!”.

Why Should these Enforcement
Actions Matter to Me?

You can’t manage what you can’t quantify and you can’t quantify what you don’t track.

The BSA/AML enforcement actions are are more concerning than the compliance or safety and soundness-only enforcement actions because those involved include:

1. the bank’s primary federal regulator
(and often the state regulator as well)
2. the Financial Crimes Enforcement
Network (FinCEN), the Department
of Treasury’s enforcement arm

3. Department of Justice (DOJ)

It seems that the greater the civil money penalty, the more extensive the list of violations and infractions that are detailed in the public document. Sometimes the volume of violations is the problem, and sometimes it is the sheer magnitude of the infractions. Sometimes it is both.

These documents should be read and
reviewed thoroughly by bankers of all
sized institutions, but even more so by
community bankers for several reasons.

First, it is imperative that the compliance management program receives all communications. and these can be obtained from daily e-mail updates from national and state trade associations, but it is most beneficial to obtain the information directly from the source because other information related to the regulatory issues is linked, and it is generally available a day earlier than other sources.

The bank’s regulator, FinCEN, DOJ, OFAC, and others are great resources for information beyond enforcement actions related to other financial institutions. Each website provides direct email for specific notices, and a wealth of other information that could be utilized for training purposes also.

Community banks are not often in the crosshairs of the regulators in the world of BSA/AML, as typically there is the expected HMDA, flood, and lately the gradual development of the ever concerning UDAP violations. However, there are the occasional instances where the violations do occur. Share with your staff when you become aware of each instance, big bank or small, and consider the most important points of how and why the other institution became the poster child this time (after your initial jaw dropping response of “OMG, they did THAT?”).

Everyone is quick to judge because
the information went public, but stop
and take a thorough look at the situa-
tion’s clues, patterns, hints, and docu-
mented failures to determine why it
happened and make sure nothing even
remotely similar is happening in your
own shop.

Compare Your Own Program

1. It may sound odd, but a good staff discussion includes a dissection of the entire document. Sometimes it is difficult to tell the entire story, as those on the outside will never know what really went on inside the organization––the exams and audits, and the executive management’s discussions and final decisions before the formal actions.

2. Often comments that reference previous exam findings such as ‘willfully violated’ or a reference to the ‘clearing of alerts generated by the automated AML system’ tell volumes of a bank’s systems and processes. But more importantly, they tell of its priorities, or even of a lack of understanding of the seriousness of their responsibility as a gatekeeper of the U.S. financial system. If management isn’t aware of a particular situation, they can’t help the staff. If they are aware of the situation and don’t provide guidance or other support, it is possible they don’t fully understand the magnitude of the particular situation. If after communicating the issues clearly, the message is still not received seriously, trouble could occur.

3. Be sure to review the products and services listed in the document as well. If your organization doesn’t offer these (i.e. international branches, complex international wire transfer services, private banking services, money service business accounts, third party payment processor accounts, etc.), then there is that much less for you to worry about. If the details are regarding more domestic products that all banks offer, then by all means

ALL BANKERS LOOK TO THEIR RESPECTIVE REGULATORS for various forms of information on topics such as pending and revised regulations, advisories and formal guidance from the inter-agencies, newsletters on hot topics and regional problem areas, and even exam schedules. One of the least pleasant forms of communication available from the federal regulators is the formal enforcement action. These publications are just as important from the regulator’s perspective because they communicate activity the rest of the banking world should take seriously.