Knowledge Base

i

HANDOUT

ASK Webinar Series

Preparing for the AML Act of 2020

Handout available for August 17, 2021 webinar.
i

ARTICLE

OFAC Compliance Series | Part 5 of a 5 Part Series

Part 5: OFAC Independent Audits and Evaluations

By: Maleka Ali

Probably the best control an organization has in its OFAC controls arsenal is an OFAC scanning system. However, some organizations have been criticized for being too reliant on those systems when they weren't working properly. So, in order to list them as a control, you must ensure they are working properly.
Manual or Automated
That being said, regulations don’t say everyone and everything must be automated. It says manual or automated.

There may be certain transactions; say, for example, new employees, that your procedures/process is to check these manually, and that may be sufficient for the volume and the risk. However, scanning your entire database of customers every time there is an OFAC update is not something you could easily do manually. Whatever processes you use, you will have to justify that they are sufficient for catching transactions that are in violation of OFAC.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 4 of a 5 Part Series

Part 4: Internal Controls to Lower Your Inherent Risk of an OFAC Violation

By: Maleka Ali

During Parts 1 through 3 of our OFAC series, we reviewed program basics, building your risk assessment methodology and tips and tricks for your risk assessment. Now, let's talk about internal controls.
Controls are what lower your inherent risk of an OFAC violation at your organization, so it is important to understand what additional tools you might have or need to mitigate that risk.

Controls might include infrastructure, detection tools and software, training, and independent audits. And of course, all of this needs to follow a risk-based approach. Your OFAC program and controls should also be tempered by the organization’s risk appetite and available resources to avoid both regulatory and OFAC violations, and your program’s policies and procedures must match or exceed the risk.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 3 of a 5 Part Series

Part 3: Tips and Tricks for a Successful OFAC Risk Assessment

By: Maleka Ali

OFAC risk assessments are the strength of any well-built OFAC compliance program. An efficient and effective program cannot be developed without knowing where the risks are hiding. Many businesses, both financial and non-financial institutions, are conducting assessments to uncover risks, design strong OFAC compliance programs, and mitigate their exposure.
The Federal Financial Institutions Examination Counsel’s BSA/AML Examination Manual says that examiners may utilize a risk-based approach. However, the enforcement standards of the Office of Foreign Assets Control remain a strict liability for violations, and executive orders are not risk-based. That being said, your OFAC program should be tempered by your organization’s risk appetite and your available resources to avoid both regulatory and OFAC violations. Your OFAC program’s policies and procedures must also match or exceed the risk. Your OFAC Risk Assessment is what will help you drive your OFAC program and allow the examiners to identify the strengths and weaknesses of your program.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 2 of a 5 Part Series

Part 2: OFAC Risk Assessment Methodology

By: Maleka Ali

Your company’s OFAC risk assessment is what drives your OFAC program’s policies and procedures and allows examiners to identify the strengths and weaknesses of your program.
• The FFIEC BSA/AML Exam Manual says that examiners may utilize a risk-based approach, however, OFAC’s enforcement standards remain a strict liability for violations and executive orders are not risk based.

• That being said, your OFAC program should be tempered by the Institution’s risk appetite and available resources to avoid both regulatory and OFAC violations.

• Your program’s policies and procedures must match or exceed the risk.

Download the article here.

i

ARTICLE

OFAC Compliance Series | Part 1 of a 5 Part Series

Introduction: OFAC Compliance Obligations

By: Maleka Ali

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) administers and enforces sanctions based on U.S. foreign policy and national security goals against targeted individuals and entities.
This includes entities and individuals such as foreign countries, regimes, terrorists, international narcotics traffickers, and those engaged in activities related to the proliferation of weapons of mass destruction.

OFAC acts under the President’s wartime and national emergency authorities, along with powers granted by legislation, to impose controls on transactions and freeze assets. Many of the sanctions are based on international mandates and involve cooperation with allied governments.

Download the article here.

i

ARTICLE

NEW YORK STATE OF MIND

ACAMS Exclusive

By: Maleka Ali

“It comes down to reality and it’s fine with me ‘cause I’ve let it slide” might be lyrics from our favorite Billy Joel song, but to many of us a New York state of mind is a reality.
Recently, the New York Department of Financial Services (NYDFS) passed a transaction monitoring regulation known as Section 504. Many might say, “I’m not in New York, so this will not affect me.” However, many of the requirements in the final rule are expectations already in place by examiners across the country. What makes this new regulation unique is that the NYDFS will also require an annual certification from each institution they regulate. The growing concern from those not in New York is that this is the first time the examiners’ expectations for model validation have been put to pen and paper in a regulation specifically addressing anti-money laundering (AML) monitoring programs. I predict New York’s ruling will not be isolated and other states and regulators will quickly follow suit. The new rule will be effective January 1, 2017, and the first annual confirmation of compliance will be due starting April 15, 2018.

Download the article here.

i

ARTICLE

TAILORING THE STAFFING ASSESSMENT

Using the Risk Assessment to Drive Staffing

By: Brienne Bryson

Like everything else in the AML/BSA/CTF program, the staffing assessment and resource allocation is risk-based.

Nearly as important as understanding the risk to an institution is understanding the staffing expertise and resources needed to adequately mitigate that risk. A lack of experienced and qualified staff may directly affect an institution’s ability to mitigate and manage the risks identified in risk assessment.

Attracting and retaining qualified resources is often a struggle for financial institutions that have a finite amount of monetary resources, especially for those that determine that investing in a “cost center,” such as compliance, is not as lucrative and beneficial to the business as a “revenue center.” However,
regulating agencies have shown through both their guidance and enforcement actions that failing to allocate adequate resources, personnel and financial, for the AML/BSA and CTF departments can be a costly mistake.

Download the article here.

i

ARTICLE

AUDITING FOR EFFECTIVE TRAINING

By: Maleka Ali

“Banking organizations must develop, implement, and maintain effective AML programs that address the ever-changing strategies of money launderers and terrorists who attempt to gain access to the U.S. financial system.” (FFIEC BSA/AML Examination Manual-Introduction)

Anti-money laundering (AML) statutes were first introduced in the United States in the 1970s in the form of the Bank Secrecy Act. This established basic record keeping and reporting requirements and has since expanded in complexity to also require banks to establish procedures to ensure compliance with the Bank Secrecy Act (BSA).

The regulations dictated that financial institutions must establish and maintain a BSA/AMLcompliance program that includes the following four pillars:

1. A system of internal controls to ensure ongoing compliance
2. Independent testing of BSA compliance
3. A specifically designated person or persons responsible for managing BSA compliance
4. Training for appropriate personnel

Download the article here.

i

ARTICLE

TO RISK OR NOT TO RISK

Five Questions to Ask Yourself Before Attempting to “De-risk” Your Institution

By: Maleka Ali

We have been getting mixed signals about a new anti-money laundering trend of banks ‘de-risking” undesirable accounts.
Rumors started in 2013 and made public in early 2014 that financial institutions were facing regulatory scrutiny, criticisms and fines over banking higher risk businesses. Soon the term “Operations Choke Point” was being whispered throughout the industry as the process of eliminating businesses perceived to be “too risky” by choking off their access to financial services.

This was being accomplished by having bank examiners place pressure on banks to do more when it came to due diligence of higher risk businesses. Institutions unwilling or understaffed or unequipped to take on this additional monitoring were closing these businesses in order to avoid regulatory fines.

Download the article here.

i

ARTICLE

WHEN WAS YOUR LAST CHECKUP?

Do Community Banks Pay the Price for Big Bank Crimes?

By: Maleka Ali

We have been getting mixed signals about a new anti-money laundering trend of banks ‘de-risking” undesirable accounts.
I hate going to the dentist. So of course I avoid the annual checkup and the small aches and pains when I eat cold or sweet foods for as long as I can, only to risk ending up rushing to the dentist for an emergency root canal.

Just like avoiding the dentist, we can’t put off having a regular checkup of our BSA program to avoid serious problems. It might seem like a waste of time and resources especially if you feel you have low risk, but the consequences of not being prepared are huge.

Download the article here.

i

ARTICLE

NINE COMMON WEAKNESSES IN A BSA/AML PROGRAM…

And How to Find Them Before Examiners Do.

By: Maleka Ali

Over the last several months, there have been headlines warning of increased scrutiny by examiners on BSA/AML and dire consequences for banks unprepared for their exams.
Many financial institutions, both big and small, are being hit with enforcement actions and severe penalties.

What should you be looking for and what can you do to shore up your BSA/AML program to ensure you don’t fall under the regulator’s lash? Let’s address nine of the most common weaknesses.

The first four weaknesses all address lack of structure or organization. Many institutions have been criticized for not having an effective suspicious activity monitoring program. It must be risk based, but to be effective it must also include four basic components.

Download the article here.

VIDEO

RISK ASSESSMENTS

The foundation of any good BSA/AML compliance program is the institution’s risk assessment. Recent enforcement actions cite weak risk assessments as an instigating factor.

VIDEO

MODEL VALIDATIONS

The AML/OFAC/Fraud environment continues to evolve as regulatory changes and an increased focus on quantitative models are driving the need for model validations.