• BSA/AML Compliance - Another Warning From Regulators
  • March 12, 2013
  • Law Firm: Jones Walker LLP - New Orleans Office
  • Thomas J. Curry, Comptroller of the Currency, spoke earlier this week to the Institute of International Bankers Annual Conference on the fact that the OCC and other regulators have targeted Bank Secrecy Act/Anti-Money Laundering ("BSA/AML") compliance as a top operational risk for financial institutions. While BSA/AML compliance requirements have been around for many years, the expansion in emerging technology systems by financial institutions and non-financial institutions have posed increased risks to the system. Newer technology, products, and services being offered often provide easier and quicker access to financial services, but such technologies can also be used by criminals to instantaneously and anonymously move money throughout the world. These remarks are yet another reminder from the regulators that BSA/AML compliance will face increased scrutiny over the next few years, and all financial institutions, regardless of size, need to pay attention to these warnings.

    The operational risks stemming from emerging technologies provide significant safety and soundness concerns, which have caught the eye of regulators. With the rapid development of mobile and online banking, prepaid cards, smart ATM machines, mobile wallets, and cloud-based payment processes, Curry stated that: "[s]enior bank compliance personnel need to be involved in the product development process to ensure that their institution is appropriately managing the risk these technologies entail." Recent enforcement actions and Curry’s remarks have stressed that the health of a bank’s compliance culture must start at the top and that significant resources and technology must be employed. As technologies continue to evolve, so must a bank’s compliance program and especially its BSA/AML program.

    Curry re-emphasized certain trends and areas of concerns that the regulators will be paying closer attention to:

    • Lack of compliance resources-The BSA/AML program must be a focus to the financial institution and must grow as the institution grows and more programs are added;
    • International activities-Foreign banking activities often carry increased risks associated with them and institutional controls need to be commensurate with the risks;
    • Third-party relationships-It is extremely important for banks to monitor their relationships with vendors, correspondent banks, and payment processors. While regulators have monitored these relationships over the years, such relationships continue to pose significant safety and soundness concerns; and
    • Both large and small banks-While much of the focus has been on large international financial institutions, there are significant risks for smaller banks in managing certain higher-risk activities.

    Curry’s speech is another warning shot that regulators will focus greater attention on emerging technologies and BSA/AML compliance programs. Your financial institution is reminded to always pause when developing new products to review the operational risks involved in the products and make sure that your institutions properly keeps up with the technology.