COMPLIANCE
Fixing what is not broken:
Should you make changes to a satisfactory AML program?
A
n anti-money laundering (AML) program that has been deemed accept-
able by regulators has reached the pinnacle and there is nowhere to go
but down. So, why change anything? Changing controls in a program
that has been called satisfactory is risky. Change could lead to uncontrolled
risks and uncontrolled risks could lead to an unsatisfactory rating. What, then,
is the impetus to make a good AML program better and why do compliance
officers reevaluate or continue to monitor existing controls when those con-
trols have been found to be effective?
The primary reason that Bank Secrecy Act (BSA) officers change otherwise static compliance
programs is because the world does not stay the same. Thus, maintaining a static AML com-
pliance program is a risk in and of itself. By changing existing controls to move an AML pro-
gram forward, something better may be gained—a more comprehensive risk-rating
methodology, an efficient customer due diligence process, etc. There are other, equally
important, reasons to consider changing an AML program.
Changing priorities
In addition to protecting company and customer assets, a goal for any quality compliance
program is to meet regulatory expectations in an efficient manner. When regulatory or cul-
tural priorities shift, an AML program must be fungible enough to shift with the changing
priorities. Take banking marijuana-related businesses (MRBs) as an example. Not long ago,
providing financial services to state-sanctioned MRBs was not on any compliance officer’s
1
radar because state-sanctioned marijuana
businesses were not viable under existing
laws. Today, compliance officers must not
only determine the risk tolerance for servic-
ing MRBs, but also document the decision
and put appropriate controls in place to
support the decision.
Any financial institution that is not reevalu-
ating its existing controls in light of the
changing socioeconomic environment is
taking on regulatory risk it has not even
identified.
Similarly, the Fourth EU Directive 1 (4MLD)
has quietly eliminated the requirement of a
politically exposed person (PEP) to be for-
eign. According to Nina Kerkez, senior prod-
uct manager at Accuity, “So far we have
considered foreign PEPs, senior political,
military and judicial figures as well as their
families as higher risk customers when
money laundering risks are looked at. With
the inclusion of domestic PEPs, 4MLD also
insists that enhanced due diligence is per-
formed on these individuals by reviewing
“Directive (ED) 2015/849 of the European Parliament and of the Council,” Official Journal of the European Union, May 20, 2015, http://eur-lex.europa.eu/
legal-content/EN/TXT/PDF/?uri=OJ:JOL_2015_141_R_0003&from=ES
58
ACAMS TODAY | SEPTEMBER–NOVEMBER 2017 | ACAMS.ORG | ACAMSTODAY.ORG