COMPLIANCE
The BSA officer must ensure the existing controls are comprehensive enough to sustain the program in light of the loss of the person with expertise.
Change in leadership
An incoming experienced BSA officer will also, undoubtedly, reevaluate existing controls in a satisfactory program. The skilled BSA officer brings with him / her knowledge gained from prior examinations and information gained from networking and industry training along with a keen understanding of risk-based controls. A new set of eyes on a successful program may highlight potential risks not previously identified. With the current emphasis on personal liability, a BSA officer taking leadership over an existing program must have complete understanding and faith that the existing controls adequately cover identified risks and that residual risk falls within the risk tolerance for the organization. NY DFS Part 504 essentially requires a BSA officer new to an organization to very quickly comprehend the program and systems and have faith in those same programs and systems to put their reputations and personal finances on the line.
Mergers and acquisitions
A significant change in the size, geographic footprint, product offering and / or customer base due to a merger or acquisition should result in a reevaluation of current controls.“ Identify the specific risk categories( i. e., products, services, customers, entities, transactions and geographic locations) unique to the bank” 6 is the recommended first step to a comprehensive risk assessment as outlined in the Federal Financial Institutions Examination Council’ s
The art of being a BSA officer is the ability to balance the need for technological change in a program, the desire to reap the benefits of improved technology and the cost of implementing and maintaining advanced technology
BSA / AML Examination Manual. Knowledge of the specific AML risks posed by a merger or acquisition is a critical step in performing a gap analysis. The BSA officer will map the current controls to any newly identified risk to identify gaps in the program. The BSA officer will then determine if the gap is acceptable or must be mitigated with new or enhanced controls. Failure to reevaluate the control in light of risks from a merger or acquisition leaves the financial institution open for regulatory criticism.
Change in technology
The pace of technological change has accelerated in the last two decades. AML programs are not immune from advancing technology. In addition,“ with the rise of regulatory practices becoming strictly enforced at both the national and international level, financial institutions are faced with the fact that AML software that was once viewed as an unnecessary luxury for the company has shifted to an essential component in everyday operations.” 7 The art of being a BSA officer is the ability to balance the need for technological change in a program, the desire to reap the benefits of improved technology and the cost of implementing and maintaining advanced technology. It becomes easy to justify the need for new or improved technology when an examiner points out deficiencies in an AML program. When an AML program is operating effectively, separating the need for enhanced technology from the desire to have enhanced technology becomes much more difficult.
In theory, improved technology equals better controls. Enhanced screening capability should translate to fewer false positives or fewer missed positives, which should result in more focused reviews. Advanced monitoring capability should
6
“ Bank Secrecy Act / Anti-Money Laundering Examination Manual,” FFIEC, 2014, https:// www. ffiec. gov / bsa _ aml _ infobase / documents / bsa _ aml _ man _ 2014. pdf
7
Christopher J. Pelaez,“ AML Compliance Costs— How much is enough?,” Global Radar, August 25, 2016, https:// www. globalradar. com / aml-compliance-costs-how-much-is-enough /
60 ACAMS TODAY | SEPTEMBER – NOVEMBER 2017 | ACAMS. ORG | ACAMSTODAY. ORG