This is the second in a series of blog posts about banking industry regulator panels. The first post highlighted takeaways from FIBA’s “Ask the Regulators” panel.
South Florida Banking Institute’s (SFBI) annual BSA/AML Regulator Panel brought together bankers, directors, attorneys, auditors and consultants to hear directly from regulators about the issues most affecting Florida banks right now.
Representatives from the Federal Reserve of Atlanta, the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC), and the Florida Office of Financial Regulation (OFR) shared their insights and answered questions from attendees.
The regulators started off with a review of recent examination findings and trends, including issues with BSA/AML/OFAC risk assessments, board reporting, model validations and culture. We will explore these areas in more detail in a future blog post. For now, let’s look at three other top takeaways from this year’s SFBI regulator panel related to deregulation, mergers and acquisitions, and FinCEN’s Final Rule on customer due diligence (CDD).
Despite all the talk going on in Washington, vast deregulation related to anti-money laundering is not expected.
The regulators emphasized that BSA/AML compliance is a safety and soundness issue because of the reputational, regulatory, legal, and financial risk exposure for a financial institution found to be involved in money laundering schemes or willfully violating the statutes.
They cited a recent news release by the Financial Crimes Enforcement Network (FinCEN) that highlights how BSA reporting by financial institutions can aid law enforcement agencies in criminal investigations.
Mergers and acquisitions
Consolidation is expected to continue in the industry.
If your financial institution is in the market to acquire, you should have a strong BSA program in place in order to obtain final approval from regulatory agencies for M&A activity. Regulators also cautioned that buyers should perform appropriate due diligence to confirm that their targets have adequate BSA programs and that the selling institution has not made cuts on BSA to present a more attractive financial condition.
Additionally, banks considering a merger or acquisition should have detailed post-deal integration plans, including a timeline to address the integration of customer and transactional data for risk assessments, automated BSA/AML monitoring and customer risk rating purposes. Perhaps there are customers that pose higher risks that may not align with the risk profile and appetite of acquiring Bank? Acquiring firms should perform due diligence reviews to understand the risks of the customers they intend to maintain.
FinCEN Final Rule on CDD
Does your bank have a plan to implement FinCEN’s Final Rule on customer due diligence? And does that plan address training, operations and systems?
Regulators are requesting implementation plans from financial institutions. They suggested banks should self-test their CDD processes by performing walk-throughs of scenarios from the perspective of onboarding of a new customer with a complex structure.
If banks plan to raise the percentage of beneficial ownership that they require from their customers (e.g., from 10% to the 25% limit permitted by the regulation), regulators are expecting the decision to be well documented and communicated to senior leadership. Does the board understand the change in risk to the institution? How does the bank plan on addressing the additional risk that it is taking on?
Banking professionals should stay informed about the how these emerging trends might affect their institutions in the months to come. If you have questions about AML compliance or other banking-related regulatory issues, please contact me or another member of Kaufman Rossin’s risk advisory services team.
Oscar Enriquez, CAMS, CPAML, MBA, is a risk advisory services manager in Kaufman Rossin’s Miami office. Kaufman Rossin is one of the top 100 CPA and advisory firms in the U.S. and offers risk advisory services for banks and other financial institutions, including anti-money laundering compliance, FINRA compliance, IT security consulting and regulatory compliance. Oscar can be reached at firstname.lastname@example.org.