On July 22, 2019, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, the Office of the Comptroller of the Currency (collectively, the “federal banking agencies”), and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) issued a joint statement emphasizing their risk-focused approach to examinations of banks’ Bank Secrecy Act/anti-money laundering (“BSA/AML”) compliance programs (the “Statement”). The Statement does not purport to create additional supervisory expectations for banks, but is meant to provide transparency into the risk-focused approach the agencies use for planning and performing BSA/AML examinations. While the Statement largely restates existing rules and guidance and notes “it does not establish new requirements,” the fact that the agencies issued the statement may itself be an important, albeit implicit, acknowledgement of concerns expressed by some that BSA/AML examinations have become increasingly less risk-based in practice.
Under existing requirements, the federal banking agencies assess a bank’s BSA/AML compliance program during each examination cycle. The Statement provides that the federal banking agencies evaluate the adequacy of a bank’s BSA/AML compliance program relative to its risk profile, and that the scope of BSA/AML examinations varies based on an individual bank’s focus (e.g., customer base) and complexity.
According to the Statement, a critical part of any bank’s risk-based BSA/AML compliance program is a well-developed risk assessment, which helps examiners to understand the bank’s individual risk profile. In addition to reviewing the bank’s BSA/AML risk assessment, examiners may review other available information including independent testing or audits and analyses from previous examinations, contact bank staff prior to an examination, or consider the bank’s ability to identify, measure, monitor, and control risks in order to assess the bank’s risk profile. This information helps the agencies tailor BSA/AML examination plans and procedures, allocate resources, and evaluate the adequacy of the bank’s BSA/AML compliance program.
The Statement also addresses the topic of “de-risking,” encouraging banks to mitigate risks by implementing controls commensurate with those risks rather than terminating customer relationships: “…banks are encouraged to manage customer relationships and mitigate risks based on customer relationships rather than declining to provide banking services to entire categories of customers.” This echoes similar statements on de-risking by the other federal banking regulators in recent years, including guidance issued in 2016 by the Office of the Comptroller of the Currency that focused on foreign correspondent banking, which followed media reports that correspondent banking relationships were being terminated due to AML concerns.
Finally, the Statement also emphasizes that the risk-focused approach it describes “forms the foundation” for the Federal Financial Institutions Examination Council BSA/AML Examination Manual. Notably, the agencies have indicated elsewhere that they are currently in the process of reviewing and revising that manual to further define their risk-based approach to supervision and provide additional clarity to banks in resourcing and meeting their BSA/AML compliance obligations.
More generally, the Statement appears to be part of a broader, recent effort by the federal banking agencies and FinCEN to bring greater transparency to their approach to examinations under the BSA/AML regime. That includes, most recently, a December 2018 joint statement encouraging financial institutions to responsibly explore and implement new BSA/AML technologies and take innovative approaches to combating money laundering, terrorist financing, and other illicit financial threats. In this respect, the Statement and similar efforts towards greater transparency may prove useful to supervised institutions in confirming the scope and focus of AML/BSA examinations with their supervisors. The Statement may also reflect recent legislative scrutiny of the overall BSA/AML framework, which has been the focus of recent hearings and pending legislation in Congress.