Articles | Videos

i

ARTICLE

OFAC Compliance Series | Part 5 of a 5 Part Series

Part 5: OFAC Independent Audits and Evaluations

By: Maleka Ali

Probably the best control an organization has in its OFAC controls arsenal is an OFAC scanning system. However, some organizations have been criticized for being too reliant on those systems when they weren't working properly. So, in order to list them as a control, you must ensure they are working properly.

Manual or Automated
That being said, regulations don’t say everyone and everything must be automated. It says manual or automated.

There may be certain transactions; say, for example, new employees, that your procedures/process is to check these manually, and that may be sufficient for the volume and the risk. However, scanning your entire database of customers every time there is an OFAC update is not something you could easily do manually. Whatever processes you use, you will have to justify that they are sufficient for catching transactions that are in violation of OFAC.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 4 of a 5 Part Series

Part 4: Internal Controls to Lower Your Inherent Risk of an OFAC Violation

By: Maleka Ali

During Parts 1 through 3 of our OFAC series, we reviewed program basics, building your risk assessment methodology and tips and tricks for your risk assessment. Now, let's talk about internal controls.
Controls are what lower your inherent risk of an OFAC violation at your organization, so it is important to understand what additional tools you might have or need to mitigate that risk.

Controls might include infrastructure, detection tools and software, training, and independent audits. And of course, all of this needs to follow a risk-based approach. Your OFAC program and controls should also be tempered by the organization’s risk appetite and available resources to avoid both regulatory and OFAC violations, and your program’s policies and procedures must match or exceed the risk.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 3 of a 5 Part Series

Part 3: Tips and Tricks for a Successful OFAC Risk Assessment

By: Maleka Ali

OFAC risk assessments are the strength of any well-built OFAC compliance program. An efficient and effective program cannot be developed without knowing where the risks are hiding. Many businesses, both financial and non-financial institutions, are conducting assessments to uncover risks, design strong OFAC compliance programs, and mitigate their exposure.
The Federal Financial Institutions Examination Counsel’s BSA/AML Examination Manual says that examiners may utilize a risk-based approach. However, the enforcement standards of the Office of Foreign Assets Control remain a strict liability for violations, and executive orders are not risk-based. That being said, your OFAC program should be tempered by your organization’s risk appetite and your available resources to avoid both regulatory and OFAC violations. Your OFAC program’s policies and procedures must also match or exceed the risk. Your OFAC Risk Assessment is what will help you drive your OFAC program and allow the examiners to identify the strengths and weaknesses of your program.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 2 of a 5 Part Series

Part 2: OFAC Risk Assessment Methodology

By: Maleka Ali

Your company’s OFAC risk assessment is what drives your OFAC program’s policies and procedures and allows examiners to identify the strengths and weaknesses of your program.
• The FFIEC BSA/AML Exam Manual says that examiners may utilize a risk-based approach, however, OFAC’s enforcement standards remain a strict liability for violations and executive orders are not risk based.

• That being said, your OFAC program should be tempered by the Institution’s risk appetite and available resources to avoid both regulatory and OFAC violations.

• Your program’s policies and procedures must match or exceed the risk.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 1 of a 5 Part Series

Introduction: OFAC Compliance Obligations

By: Maleka Ali

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) administers and enforces sanctions based on U.S. foreign policy and national security goals against targeted individuals and entities.
This includes entities and individuals such as foreign countries, regimes, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction.

OFAC acts under the President’s wartime and national emergency authorities, along with powers granted by legislation, to impose controls on transactions and freeze assets. Many of the sanctions are based on international mandates and involve cooperation with allied governments.

Download the article here.

i

ARTICLE

NEW YORK STATE OF MIND

ACAMS Exclusive

By: Maleka Ali

“It comes down to reality and it’s fine with me ‘cause I’ve let it slide” might be lyrics from our favorite Billy Joel song, but to many of us a New York state of mind is a reality.
Recently, the New York Department of Financial Services (NYDFS) passed a transaction monitoring regulation known as Section 504. Many might say, “I’m not in New York, so this will not affect me.” However, many of the requirements in the final rule are expectations already in place by examiners across the country. What makes this new regulation unique is that the NYDFS will also require an annual certification from each institution they regulate. The growing concern from those not in New York is that this is the first time the examiners’ expectations for model validation have been put to pen and paper in a regulation specifically addressing anti-money laundering (AML) monitoring programs. I predict New York’s ruling will not be isolated and other states and regulators will quickly follow suit. The new rule will be effective January 1, 2017, and the first annual confirmation of compliance will be due starting April 15, 2018.

Download the article here.

i

ARTICLE

TO RISK OR NOT TO RISK

Five Questions to Ask Yourself Before Attempting to “De-risk” Your Institution

By: Maleka Ali

We have been getting mixed signals about a new anti-money laundering trend of banks ‘de-risking” undesirable accounts.
Rumors started in 2013 and made public in early 2014 that financial institutions were facing regulatory scrutiny, criticisms and fines over banking higher risk businesses. Soon the term “Operations Choke Point” was being whispered throughout the industry as the process of eliminating businesses perceived to be “too risky” by choking off their access to financial services.

This was being accomplished by having bank examiners place pressure on banks to do more when it came to due diligence of higher risk businesses. Institutions unwilling or understaffed or unequipped to take on this additional monitoring were closing these businesses in order to avoid regulatory fines.

Download the article here.

i

ARTICLE

WHEN WAS YOUR LAST CHECKUP?

Do Community Banks Pay the Price for Big Bank Crimes?

By: Maleka Ali

We have been getting mixed signals about a new anti-money laundering trend of banks ‘de-risking” undesirable accounts.
I hate going to the dentist. So of course I avoid the annual checkup and the small aches and pains when I eat cold or sweet foods for as long as I can, only to risk ending up rushing to the dentist for an emergency root canal.

Just like avoiding the dentist, we can’t put off having a regular checkup of our BSA program to avoid serious problems. It might seem like a waste of time and resources especially if you feel you have low risk, but the consequences of not being prepared are huge.

Download the article here.

i

ARTICLE

NINE COMMON WEAKNESSES IN A BSA/AML PROGRAM…

And How to Find Them Before Examiners Do.

By: Maleka Ali

Over the last several months, there have been headlines warning of increased scrutiny by examiners on BSA/AML and dire consequences for banks unprepared for their exams.
Many financial institutions, both big and small, are being hit with enforcement actions and severe penalties.

What should you be looking for and what can you do to shore up your BSA/AML program to ensure you don’t fall under the regulator’s lash? Let’s address nine of the most common weaknesses.

The first four weaknesses all address lack of structure or organization. Many institutions have been criticized for not having an effective suspicious activity monitoring program. It must be risk based, but to be effective it must also include four basic components.

Download the article here.

VIDEO

RISK ASSESSMENTS

The foundation of any good BSA/AML compliance program is the institution’s risk assessment. Recent enforcement actions cite weak risk assessments as an instigating factor.

VIDEO

MODEL VALIDATIONS

The AML/OFAC/Fraud environment continues to evolve as regulatory changes and an increased focus on quantitative models are driving the need for model validations.

VIDEO

STAFFING ASSESSMENTS

Recent government actions have faulted financial institutions for having insufficient staffing to adequately review suspicious activity. It is crucial to periodically assess the adequacy of your AML resources to assure it is commensurate with your risk.