A working group composed of the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency, and the US Department of the Treasury’s Financial Crimes Enforcement Network issued a joint statement on July 22 that is intended to provide greater clarity regarding the risk-focused approach used by examiners for planning and performing Bank Secrecy Act (BSA)/anti-money laundering (AML) examinations.
The statement outlines the common practices examiners use to assess a bank’s money laundering/terrorist financing risk profile. According to the statement, such practices generally include (1) leveraging available information, including the bank’s BSA/AML risk assessment, independent testing or audits, analyses and conclusions from previous examinations, and other information available through the offsite monitoring process or a request letter to the bank; (2) contacting banks between examinations or prior to finalizing the scope of an examination; and (3) considering the bank’s ability to identify, measure, monitor, and control risks.
The information gathered from the risk profile is then used to tailor the scope and focus of the exam. It is also used to allocate examination resources to higher risk areas and to initially evaluate the adequacy of a BSA/AML compliance program. The examination activities necessary to evaluate a bank’s BSA/AML compliance program generally depend on the bank’s risk profile and the ability of its risk management processes to identify, measure, monitor, and control risks, and to report potential money laundering, terrorist financing, and other illicit financial activity.
In the same way that examiners use a risk-focused approach, banks use a risk-based approach to manage customer relationships. The statement notes that banks are encouraged to mitigate risks based on customer relationships rather than declining to provide banking services to entire categories of customers.
While the statement does not establish any new requirements, it is part of a broader effort by the regulators to reinforce and enhance the transparency, effectiveness, and efficiency of the BSA/AML regime. It further reinforces the agencies’ focus on risk-based AML examination and supervision and the importance of risk-based compliance and oversight for affected financial institutions.