BSA Deadly Sins "What are some of the most common mistakes or "deadly sins" you see financial institutions making in the BSA/AML area these days?" That's the question we posed to our BSA-savvy gurus. You will benefit from the insight they share below.
JOHN BURNETT
Failing to retain and document cases in which your bank has decided not to go forward with a SAR filing. Some people have the idea that having this information in file can bite you. That's only true if your analysis is inconsistent and you let significant cases "pass" when you file on trivial stuff.
Failing to include lenders and trust personnel in regular AML training. You don't need to train a loan or trust officer in the fine art of completing a CTR. But you do need to keep lenders attuned to the importance of reporting suspicious activity, and some of the behaviors that should be "red flags."
Taking the "cheap route" in AML monitoring. You don't have to spend a fortune, but you truly need to upgrade your AML monitoring capabilities. This will probably involve installing software to help detect anomalies in customer behavior patterns. The bar has been raised, and you need to leap higher to clear it.
Thinking that "Know Your Customer" ever really died. If you don't understand your customer's expected behaviors, you cannot effectively monitor for money laundering or other suspicious transactions. Call it "Extended Due Diligence" if you wish, but you need to "Know Your Customer" now more than ever before.
BARBARA HURST
From what I've observed, one of the biggest mistakes banks are making in the BSA area is the failure to train front line to recognize suspicious activity. We can install the most accurate monitoring system possible, but reportable suspicious activity can still get past it, if it can get past the person on the window or at the new accounts desk. Ongoing training, and the emphasis of its importance, need to be communicated to the front line - constantly.
Audit, Security and the BSA officer need to sit down and choose which one of them will make the final decision on who will file a SAR. In too many cases, it's left to the attorney, or to a committee, or to administration, or to others who hark back too much to privacy issues, and the result is that they refuse to file. The mind-set during the past few years has been, "When in doubt - don't." With examiners looking at quantity instead of quality (no matter HOW much they deny it), and with safe harbor in place, that mind-set should be reversed - quickly.
For a short while, after September, 2001, with the emphasis on security, BSA and Security Officers were able to do institution-wide training. Some were smart enough to include BSA training along with evacuation procedures, disaster recovery, etc. Others did not and missed their chance. The entire financial institution, particularly loan officers and operations, need to know what BSA is all about. The bank-wide training never got done in many cases. It must be done - now - before it's too late.
KEN GOLLIHER
Failing to realize that an anti-money laundering (AML) program is the cradle that holds both BSA and CIP compliance. Operating a flawless BSA compliance program does not assure that your institution will not be used a conduit for illegal activity.
Believing that an AML program is something that you can buy rather than build. Your employees are smarter than your computer system; they are your primary defense mechanism. They need to be trained as to what the bank's responsibilities are and what it is they are to look for. That training needs to go beyond "lists" of what might be suspicious and get across the concept that anything out the ordinary should be noted and evaluated. There should be an internal prejudice in favor of reporting suspicious activity to a centralized person rather than an immediate supervisor.
Believing that a written AML risk assessment is a perfunctory regulatory requirement. Doing a risk assessment is essential to the development of a comprehensive, defensible AML program. The bank cannot possibly put forth the idea that it has a good AML program if it has done nothing to evaluate where its risks lie.
LINDA WESTFALL
Designation of Exempt Person forms incorrectly completed, biennial renewals not properly completed and inadequate monitoring.
Inadequate training. Training should be performed frequently and various areas of the bank should receive training specific to their job duties. It should be very detailed and cover all pertinent issues. New employees should receive training early in their employment.
The 314a list is not kept in a secure area.
CTR errors - Not checking Box e, Section B to explain why Section B is not completed.
We recently became aware that Item 14 should contain "n/a" when the transaction is conducted by an individual on behalf of another individual not present or an organization. This is in the instructions.
CONNIE FENCHEL
All employees involved in accounts or transactions must be trained in BSA compliance, from tellers up to Board Chairmen.
Merely having a compliance manual and procedures is not enough. Employees must be trained and given refresher training on BSA compliance.
Every size bank MUST have a thorough compliance program. The quality of the compliance program is not commensurate with the size of the institution.
RYAN RASSKE
Not having a top-down approach when implementing a BSA/AML program. If senior management is unaware of the regulatory requirements and fails to support these efforts, your bank will have a very difficult time moving forward.
Lack of resources. Even though the BSA/AML compliance function does not generate revenue for the bank, it is necessary to have enough resources available to maintain compliance. These resources may come in the form of additional manpower or new systems that will cost the bank money. However, by dedicating sufficient resources early in the process, it will ultimately save the bank money by avoiding regulatory fines and reputation risk often generated from poor compliance.
Not up-dating or testing the bank's individual BSA/AML functions. Some banks may feel comfortable with certain BSA/AML procedures and shift their focus to other issues within their institution. As time goes on, mistakes begin to occur and possible discrepancies cause the original process to operate differently. If a bank fails to monitor the various BSA/AML processes on a regular basis, they may experience serious problems by the time an examiner begins to looks at them.
BARRY THOMPSON
Priority one: training the staff and especially those people involved with
SAR reporting. One financial institution had a staff member threaten a
customer with filing a SAR if the customer didn't provide the information
requested.
The compliance member who handles BSA/AML must have been educated in how
money laundering operates. I have had several calls where people were trying
to determine if their problem qualifies as money laundering.
Be sure that any deficiencies reported in the last three compliance
audits or examinations have been corrected. This is still a major failure
with financial institutions that view compliance as a secondary concern.
BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.
Print Friendly!
Email This Article!
Discuss NOW!
