On Feb. 9, the Trump Administration issued an executive order (E.O.) enforcing, “Federal Law with Respect to Transactional Criminal Organizations.” In it, the new president announced, “It shall be the policy of the executive branch to strengthen enforcement of Federal law in order to thwart transnational criminal organizations and subsidiary organizations, including criminal gangs, cartels, racketeering organizations, and other groups engaged in illicit activities …”
The action doesn’t come as a shock, though: after all, implementing heightened efforts to weed out criminal activity was one of the key platforms the Trump Administration rode to the White House.
But the order, one of many recent presidential actions, does seem to contradict Trump’s overwhelming deregulatory stance, by “ensuring Federal law enforcement agencies give a high priority and devote sufficient resources” to ending fraud, money laundering and enhancing cybersecurity.
To many in the banking industry, the E.O. seems to imply that the new administration will require stricter Bank Secrecy Act/Anti-Money Laundering (BSA/AML) regulations. If that’s the case, any actual rule changes wouldn’t happen overnight—since updates to regulations can take months, even years, to take effect—but the order, at least, serves as a wake-up call to financial institutions that BSA compliance could see renewed attention from examiners.
At any rate, financial institutions must anticipate the possibility of increased compliance requirements by taking stock of their existing BSA/AML audit procedures and programs.
Under BSA/AML, watch list screening is a major component, and potentially the most likely to receive additional scrutiny. With that in mind, we’ve provided the below chart to outline the differences between two of the major lists related to the BSA: 314a and the OFAC sanctions list.
In addition, financial institutions would be wise to review their BSA programs to ensure overall compliance. The below checklist gives your financial institution a solid foundation for ensuring your BSA program is sufficiently updated:
- Take a good look at your program as a whole, including a review of these standard BSA components:
- Risk Assessment
- Internal Controls
- Independent Testing
- Designated BSA Officer
- Ensure CDD and CIP policies and procedures are up to par—especially in light of FinCEN’s CDD Final Rule, which takes effect May 11, 2018—and as a good business practice to get to know your customers.
- Confirm monitoring systems are in place and sufficient. This means OFAC monitoring, 314a and transaction monitoring of customer accounts.
- Focus on data integrity within the organization, and look for ways to gain a holistic view of the customer.
- Set the tone at the top and focus on a culture of compliance. Everyone should communicate as one team—particularly the IT, cybersecurity and fraud/BSA departments—which historically have operated separately. This convergence is where the “heightened awareness” aspect of the E.O. plays out.
- Exercise caution and stay up-to-date on the changing regulatory and cybersecurity environment.
Keep It Simple
Keeping watch over the OFAC and 314a lists, in addition to all other BSA requirements can be an exhausting operational burden, especially considering they are retroactive in nature. Deploying regulatory compliance software that can automate screening for OFAC and other terrorist watch lists, as well as scan their customer base against additional lists, like 314a, greatly reduces operational costs and time spent adhering to various regulations.
With the possibility of a crackdown on regulations in the future, financial institutions should consider taking these proactive measures to ensure they remain compliant, should changes in legislation arise.
Amber Goodrich, compliance strategist for CSI Regulatory Compliance, has more than 10 years of financial industry experience. She is a Certified Regulatory Compliance Manager (CRCM) and Certified Bank Secrecy Act (BSA) Professional (CBAP).