bsa compliance from the trenches
TRANSCRIPT
Denver, Colorado
BSA Compliance From The Trenches
2
Jay Postma, CAMSPresidentMSB Compliance Inc.
Founder and President of MSB Compliance Inc. providing BSA/AML and OFAC compliance consulting to MSBs, TPPPs and banks. Intrepreneur within the Federal Reserve Bank of Atlanta and entrepreneur at Towne Services, El Banco de Nuestra Comunidad, Ingo Money and other entities; creating value while ensuring effective risk mitigation. Conference speaker on BSA/AML compliance issues, including: Western Union’s Consumer Protection & Compliance Conferences, Caltech Entrepreneur's Forum, American Conference Institute, National Money Transmitters Association, South West Border Anti-Money Laundering Alliance, and others.Co-founder and Co-Chairman of the Atlanta ACAMS Chapter
We Are At War
• 14 years ago...
• And since the beginning
of mankind...
4
Against People Who Would Hurt and Abuse Others
5
Abuse, Sell and Enslave Others
Who would Traffic, Smuggle,
6
Who Take Advantage of the Elderly
7
Who Commit Fraud Against The Unwary,
the Vulnerable, the Naive (including us)
But We Are Not Alone
Thankfully, We are not alone!
9
» Who serve and provide a great example.» Honor, ethical conduct, bravery, self sacrifice» Servant leadership, perseverance, training, » Preparedness, readiness, watchfulness» Swift action, teamwork, dedication, » humility
We Are Part of a Team!
» What we do matters; it makes a difference» We are part of the monumental struggle… good
against evil, rule of law against anarchy, servant leadership and brotherhood against greed and abusive behavior
» Thank you for investing your time, treasure and talents to help serve and protect others!
A High and Important Calling
11
ObservationEmployees too often don’t understand that they are part of something important….
That their efforts make a difference….
In protecting the company, its employees, its customers and the communities they serve.
Do You Communicate the Big Picture?Do You Catch Employees Doing Things Right and Express
Appreciation?
12
A Culture of Compliance
13
Fulfillment (n)
ObservanceConformityDisobedience (antonym)
Obedience (n)
AcquiescenceAgreementFalling in lineSubmissionResistance (antonym)
Compliance is: Doing it right the first time...Adhering to internal policies and procedures… Maintaining a standard that is in accordance with laws and regulations
Compliance Defined
14
“The fact is, when we look at the issues underlying BSA infractions, they can almost always be traced back to decisions and actions of the institution’s Board and senior management.”
Deficiencies fall into four (4) areas:
• Culture of Compliance• Resources Committed to BSA compliance• Strength of Information Technology and monitoring processes• Quality of risk management
Thomas J. CurryComptroller of the Currency
ACAMS, March 17, 2014
Decisions of Board & Senior Managementare Critical
15
Board and senior management must send right message AND also “walk the talk”
• by ensuring that there is an alignment between good compliance practices and the bank’s system of compensation and incentives.
• by providing increased resources• by increasing the authority and status of the BSA Officer within the organization• by ensuring proper incentives are incorporated throughout the organization
Thomas J. CurryComptroller of the Currency
ACAMS, March 17, 2014
Walk the Talk
16
What might compliance look like?
Knowing what you are required to do and getting it done• A Culture of Compliance• Ethical Conduct• Know Your Customer• Secure and verify customer ID• Report cash transactions as required• Be alert for, monitor activity and report Suspicious
Activity
17
FinCEN’s recent Advisory does NOT say anything that you have not heard before…
It is another tool you can use to influence your organization’s leadership…to help them live and breathe BSA/AML the same way that you do.
“Based on the enforcement cases I have seen time and time again, both during my time as a prosecutor at the U.S. Department of Justice and now as Director of FinCEN, I can say without a doubt that a strong culture of compliance could have made all the difference. If I were to find myself responsible for BSA/AML compliance within any financial institution, my first order of business would be to pay attention to these core, fundamental concepts. Because once you have a strong culture in place, including the support of your institution’s leadership, you have a firm foundation on which to build an effective program.”
Jennifer Shasky Calvery, Director, FinCENFIBA, Anti-Money Laundering Conference
February 20, 2014
Culture of Compliance
18
What is Our Compliance Culture?(What role might I play in helping further strengthen it?)
• Do any signs of a lax, Non-Compliance Culture exist?• FinCEN’s Culture guidance – FIN-2014-A007 -
“Advisory to U.S. Financial Institutions on Promoting a Culture of Compliance”
19
A financial institution can strengthen its BSA/AML compliance program by ensuring:• Engaged Leadership
“its leadership actively supports and understands compliance efforts”• Compliance not compromised
“efforts to manage and mitigate BSA/AML deficiencies and risks are not compromised by revenue interests”
• Lines of Communication“relevant information from the various departments within the organization is shared with
compliance staff to further BSA/AML efforts”• Human and Technological Resources
“the institution devotes adequate resources to its compliance function”• Competent Independent Testing
“the compliance program is effective by, among other things, ensuring that it is tested by an independent and competent party”
• Purpose“its leadership and staff understand the purpose of its BSA/AML efforts and how its
reporting is used”
6 Ways to Strengthen Our Program
20
Common Areas for Improvement
» Corporate Governance» Board Minutes» Issue Tracking» Succession Planning
21
Planning, Risk Assessment and Program
22
The “4 Pillars”I. Development of Internal Policies,
Procedures and Controls• Risk focused policies• Procedures for each area or function• Controls to Ensure Compliance• Monitoring and Reporting Systems
II. Designation of Compliance Officer• Sufficient time, resources and authority
III. Training Program• Content based on current procedures and systems• Relevant to specific audience position and
responsibilities• Documentation
IV. Independent Testing• Sufficient scope and testing• Reporting to the Board of Directors• Timely action to address any concerns or weaknesses
23
Hard Target OR Soft Pushover?Do not compromise yourselfwith exceptionspoor documentationlack of focus or willpower
Remember! Be attentive!Your skills to better know and serve good
customers ALSO help you identify and protect the company from bad ones!
24
Stay on the Safe Side
•Recognize Danger•Be Cautious and Think•Staying Safe is the reward
for knowing what to do and doing it
25
Common Areas for Improvement
» Risk Assessment - not existent / not accurate» Program - where is it? Inaccurate. Not tailored.» Lack of Controls - How/When do you test/verify?
26
Preparation / Training
27
Common Areas for Improvement
» If training is not documented, it didn’t happen.» Demonstrate that all employees adequately trained.» Timely training of new employees» Extra training where needed, e.g. BSA officer, staff
28
Operations / Execution
29
Common Areas for Improvement» FinCEN registration
» no copies present» Company does not own itself» Actually - company has no agents» Late Renewal / No re-registration when required
» CTRs missing or incorrect» Inter-company transfers» Checks cashed to Non-Natural Persons
» Endorsement incorrect, insufficient too…
30
Supporting Our Special Teams
31
Common Areas for Improvement
» Suspicious Activity» Employees thinking “Western Union will see and
report it”» Poorly written, useless narratives» Not contacting law enforcement or principal
when it makes sense to do so
32
Continuous ImprovementThat which doesn't kill us makes us stronger
33
Improving is “clearly a better option than simply abandoning customers in higher risk categories because a lack of resources makes it difficult to manage the risk.”“It’s clear that we all need to step up our game, both banks and Government alike, because the challenges are growing by the day.”
Thomas J. Curry, U.S. Comptroller of the Currency; ACAMS, March 17, 2014
Continuous Improvement!Step Up Our Game!
34
Common Areas for Improvement» Independent Reviews
» Please use a knowledgeable, trained person» Not a related party
» Report should identify people and bios conducting» Insufficient scope, testing, branch visits, frequency
» Follow Through on what is promised to IRS, States and Banks» Corporate Governance… issue tracking… accountability…
» Staffing» be on top of it… get it right
35
Miscellaneous Issues
36
Common Areas for Improvement» Background checks not present when required» States not notified of change of address» States not informed of supervisory changes when so required» Change in ownership or control
» State pre-approval or notification not handled correctly» FinCEN MSB re-registration requirement not recognized
» Required signage not maintained, accurately posted
37
EndgameA Risk Based Program Reasonably Designed to Effectively Deter, Detect, and Report Suspicious Activity and Prevent Abuse of Financial Services for Money Laundering and Terrorist Financing.
38
Pillars of Protection• Culture of Compliance and Ethical Behavior
• Supported by Legal, HR and Security• Impacting performance evaluation, salary administration, and
promotions• The “4 Pillars”
1. Board-approved…risk-based…tailoredwritten policies, procedures…and controls
2. Compliance OfficerBoard appointedsufficiently supported by staffing, systems and budget
3. Ongoing TrainingBoard, Executive Management and StaffDeeper, additional training where risk dictates
4. Independent testing• You, Me, We - Together
39
www.LinkedIn.com/in/jaypostmawww.MSBComplianceInc.com
www.Twitter.com/MSBCompliance
Weekly newsletter: www.paper.MSBComplianceInc.com
Questions?Jay Postma, CAMSPresidentMSB Compliance [email protected]