Representatives from four banking regulators today shared their agencies’ current supervisory priorities, including a proposed Bank Secrecy Act program rule to require financial institutions to establish and maintain risk-based anti-money laundering programs.
Speaking at the ABA/ABA Financial Crimes Enforcement Conference, representatives from the Financial Crimes Enforcement Network, FDIC, Federal Reserve and Office of the Comptroller of the Currency provided updates about what their agencies are working on as well as their areas of focus for coming months. One is a proposed FinCEN rule to have banks add requirements, including elevating a new mandatory written risk assessment process, as the foundation of an “effective, risk-based and reasonably designed” AML/CFT program. The Fed, FDIC and OCC have proposed aligning each agency’s BSA compliance program requirements with FinCEN’s proposal.
James Martinelli, deputy associate director of the policy division at FinCEN, couldn’t comment on what changes to the proposal his agency may or may not make, but he did provide a breakdown of the public comments received about it. One common theme was the need for greater clarity about what FinCEN means when it requires an “effective, risk-based and reasonably designed program.”
“We don’t actually define those terms, and there were several commenters who sought clarification on what an ‘effective program’ means,” he said.
Other common themes in the comments were concerns that FinCEN’s language differed somewhat from that used in the AML Act, which the rule would implement, and that the agency only provides a six-month implementation period for the new requirements.
“I want to assure the audience that your comments do make a difference,” Martinelli told conference attendees. “We do read them and take them into account.”
Regulatory areas of focus
One priority for the FDIC has been third-party risk management, said Michael Benardo, associate director of the AML and cyber fraud branch at the agency. The FDIC released guidance for community banks on third-party risk earlier this year. Another priority has been updating its rules concerning the use of the FDIC logo and claims of deposit insurance, with Benardo citing examples of nonbank institutions falsely claiming to be FDIC insured. Then there is check fraud, which has been increasing despite the declining use of paper checks among bank customers.
“From a consumer education perspective and an examiner education perspective, we’re just trying to make sure everyone understands that this is a big problem,” he said.
Donna Murphy, deputy comptroller for compliance risk policy at the OCC, said addressing fraud is a priority for her agency and it is exploring ways to provide additional guidance or support for banks on the issue. Another priority concerns bank data and data quality, she said.
“Lack of data quality or insufficient data quality can cause problems across the board, particularly in AML programs,” Murphy said. “We have seen some issues and are definitely focused on data governance and data quality issues. That feeds into banks that are implementing new or emerging technologies – if your data has gaps or issues and you try to put a new layer of technology on top of that… that can exacerbate the problem.”
