Articles | Videos

Manual or Automated
That being said, regulations don’t say everyone and everything must be automated. It says manual or automated.

There may be certain transactions; say, for example, new employees, that your procedures/process is to check these manually, and that may be sufficient for the volume and the risk. However, scanning your entire database of customers every time there is an OFAC update is not something you could easily do manually. Whatever processes you use, you will have to justify that they are sufficient for catching transactions that are in violation of OFAC.

Download the article here.

Controls are what lower your inherent risk of an OFAC violation at your organization, so it is important to understand what additional tools you might have or need to mitigate that risk.

Controls might include infrastructure, detection tools and software, training, and independent audits. And of course, all of this needs to follow a risk-based approach. Your OFAC program and controls should also be tempered by the organization’s risk appetite and available resources to avoid both regulatory and OFAC violations, and your program’s policies and procedures must match or exceed the risk.

Download the article here.

The Federal Financial Institutions Examination Counsel’s BSA/AML Examination Manual says that examiners may utilize a risk-based approach. However, the enforcement standards of the Office of Foreign Assets Control remain a strict liability for violations, and executive orders are not risk-based. That being said, your OFAC program should be tempered by your organization’s risk appetite and your available resources to avoid both regulatory and OFAC violations. Your OFAC program’s policies and procedures must also match or exceed the risk. Your OFAC Risk Assessment is what will help you drive your OFAC program and allow the examiners to identify the strengths and weaknesses of your program.

Download the article here.

• The FFIEC BSA/AML Exam Manual says that examiners may utilize a risk-based approach, however, OFAC’s enforcement standards remain a strict liability for violations and executive orders are not risk based.

• That being said, your OFAC program should be tempered by the Institution’s risk appetite and available resources to avoid both regulatory and OFAC violations.

• Your program’s policies and procedures must match or exceed the risk.

Download the article here.

This includes entities and individuals such as foreign countries, regimes, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction.

OFAC acts under the President’s wartime and national emergency authorities, along with powers granted by legislation, to impose controls on transactions and freeze assets. Many of the sanctions are based on international mandates and involve cooperation with allied governments.

Download the article here.

Recently, the New York Department of Financial Services (NYDFS) passed a transaction monitoring regulation known as Section 504. Many might say, “I’m not in New York, so this will not affect me.” However, many of the requirements in the final rule are expectations already in place by examiners across the country. What makes this new regulation unique is that the NYDFS will also require an annual certification from each institution they regulate. The growing concern from those not in New York is that this is the first time the examiners’ expectations for model validation have been put to pen and paper in a regulation specifically addressing anti-money laundering (AML) monitoring programs. I predict New York’s ruling will not be isolated and other states and regulators will quickly follow suit. The new rule will be effective January 1, 2017, and the first annual confirmation of compliance will be due starting April 15, 2018.

Download the article here.

Rumors started in 2013 and made public in early 2014 that financial institutions were facing regulatory scrutiny, criticisms and fines over banking higher risk businesses. Soon the term “Operations Choke Point” was being whispered throughout the industry as the process of eliminating businesses perceived to be “too risky” by choking off their access to financial services.

This was being accomplished by having bank examiners place pressure on banks to do more when it came to due diligence of higher risk businesses. Institutions unwilling or understaffed or unequipped to take on this additional monitoring were closing these businesses in order to avoid regulatory fines.

Download the article here.

I hate going to the dentist. So of course I avoid the annual checkup and the small aches and pains when I eat cold or sweet foods for as long as I can, only to risk ending up rushing to the dentist for an emergency root canal.

Just like avoiding the dentist, we can’t put off having a regular checkup of our BSA program to avoid serious problems. It might seem like a waste of time and resources especially if you feel you have low risk, but the consequences of not being prepared are huge.

Download the article here.

Many financial institutions, both big and small, are being hit with enforcement actions and severe penalties.

What should you be looking for and what can you do to shore up your BSA/AML program to ensure you don’t fall under the regulator’s lash? Let’s address nine of the most common weaknesses.

The first four weaknesses all address lack of structure or organization. Many institutions have been criticized for not having an effective suspicious activity monitoring program. It must be risk based, but to be effective it must also include four basic components.

Download the article here.