The following article resulted from a discussion between Indra Elangovan, Head of Strategic Advisory, Travillian, and David Caruso, Cofounder and Managing Director of The Dominion Advisory Group, Washington, DC.
Boards of Directors are responsible for overseeing the management of many functions, some of which may be unfamiliar to them. A handful of these issues are particularly risky, including Bank Secrecy Act/Anti-Money Laundering (BSA/AML) compliance. Failure to comply with BSA/AML rules presents directors and financial institutions with substantial legal, compliance, operational, reputation, and financial risks.
With a subject like BSA/AML, directors are expected to ensure compliance; yet, the rules, regulations, operations, and intricacies of programs are challenging to grasp. What can directors do to fulfill their oversight obligations?
Fulfilling Obligations
As part of overseeing executive risk management of BSA/AML functions, board members should receive, at least annually (if not more frequently), in-person reports from the BSA/AML Officer.
During these presentations, directors can evaluate the BSA/AML Officer and other executives responsible for compliance by asking questions related to communication skills, management characteristics, and strategic thinking, three crucial abilities needed to run a complex BSA/AML compliance operation properly.
How BSA/AML Compliance Is Different
BSA/AML compliance is, in many ways, different from other compliance issues. Typically, compliance responsibilities focus on tracking and reporting data and testing adherence to policy and procedures. For example, compliance with Fair Lending rules or marketing and advertising regulations requires staff to gather, organize, review, and report data on adherence to policy.
BSA/AML compliance is a day-to-day operation. A BSA/AML Officer and his or her department staff must monitor account opening and transactions to identify risk, investigate possible wrongdoing, and report suspicious activity, all within regulatory-defined timeframes. They rely on lines of business to fulfill their responsibility to serve only bank customers with verified identities.
Breakdowns in these operations result in regulatory actions against institutions, with the potential to rise to involve law enforcement.
In these situations, directors face professional and personal risks.
Four Methods of Assessing Effectiveness
Learning the details of how BSA/AML operations work may be something directors consider, but becoming an expert is unlikely. Reliance on the competence and effectiveness of the BSA/AML Officer is therefore necessary.
There are four ways directors can better assess an AML/BSA compliance program, augmented by specific tactics a board can use to maximize the exchange of crucial information.
- Communication Skills
Whether managing a small or large department, BSA/AML Officers must communicate effectively. Because there are endless intricacies to BSA/AML policy and processes and constant variations of money laundering and financial crime, a BSA/AML Officer must be involved in daily decisions in which they gather and process information and communicate answers and direction to their teams. A lack of strong communication skills is a risk.
In addition, all BSA/AML Officers interact with auditors and regulatory agency examiners. These interactions are essential for one reason: During these conversations, auditors and examiners decide whether they have confidence in the BSA/AML Officer. If they do not, the institution faces increasing risk.
Board Engagement: During board meetings with the BSA/AML Officer, board members should assess the Officer’s ability to engage in conversation. How do they answer unscripted questions? Think on their feet? Demonstrate confidence? These are all skills needed to work effectively with other senior management and interact with regulators in intense environments.
- Transparency
Some BSA/AML executives are unfortunately reluctant to share their concerns with directors, including details on:
- Emerging risk issues
- Staffing levels, budget
- Lack of strategic planning
Too often, because BSA/AML issues are not well understood by directors. Members of the board may therefore listen only passively to the annual or quarterly report. They may even pressure the BSA/AML Officer to keep the presentation as short as possible, which can lead to the omittance of critical information.
Board Engagement: Directors should ask the BSA/AML Officer about what is not going well and what issues they worry are not getting the attention of executive management. This may be uncomfortable for directors, the BSA/AML Officer, and the CEO, but it will bolster the necessary courage and willingness to raise issues. It also helps the board see how much the CEO and other executives are aware of and involved in the BSA/AML issues.
- Strategic Thinking
Directors should ask BSA/AML Officers about current regulatory, economic, and geopolitical issues and their potential impacts on compliance.
For example, one of the most disruptive and complex BSA/AML compliance issues recently was the impact of Russian sanctions and the challenges banks face in responding to their escalation in a compressed timeframe.
Board Engagement: Beyond communicating issues and trends, Directors should ask for an explanation of the impact of wide-reaching events on BSA/AML compliance. Further, this discussion should include any second-order impacts that could affect the bank’s business.
The goal of this line of detail is to determine:
- Is it evident the BSA/AML Officer is thinking strategically?
- Does it indicate that the CEO and other senior executives have had discussions of this nature?
- Are compliance and business plans adjusted as needed?
- How are these adjustments communicated and rolled out?
Unfortunately, some BSA/AML Officers think narrowly and in the short term, focusing attention on the next internal audit or regulatory exam. Of course, audits and exams are essential. Still, if BSA/AML executives don’t think broadly about risk, current events, and the bank’s businesses, it is more likely the BSA/AML program will hinder business growth and increase the risk for everyone.
- Business Understanding
BSA/AML compliance is a specialty operation that often lacks integration with business lines. This disconnect can lead many BSA/AML staff to be unfamiliar with how financial institutions generate revenue and profit.
The observation is not meant to criticize those doing the daily work. It is meant to illustrate that, when detached from the bank’s overall mission and purpose, BSA/AML Officers and their staff can find themselves unfamiliar with banking products, services, and revenue operations.
This unintentional disconnect harms their ability to spot financial crime risks, build programs, and implement measures to mitigate these risks. It also means it’s highly probable that the BSA/AML Officer does not regularly work closely with other executives, creating an environment of potentially lax oversight.
Board Engagement: The key to building business understanding is for the board to ensure that the BSA/AML Officer — and his or her staff — is wholly integrated into the business of the financial institution. Questions to determine a level of confidence in this detail include:
- Is the BSA/AML Officer a member of any new product and service management committees?
- What other management committees are he or she either a member of or a participant in?
- Do business heads seek input and risk management advice from the BSA/AML Officer?
These key indicators illustrate whether BSA/AML compliance is integrated into the institution’s culture or whether it is detached and thus presents greater risk.
On the Horizon
Caruso offers additional insights into what this year may hold for BSA/AML compliance.
An Ongoing Priority
The bank regulatory agencies will continue prioritizing BSA/AML compliance issues. Bank executives and directors can expect ongoing scrutiny, driven by industry forces that include:
- Additional sanctions
- Recent financial crime scandals
- New, emerging regulatory rules
- A challenging earnings environment
Examiners expect senior management and the board of directors to actively engage and oversee critical compliance programs. Passively receiving quarterly or annual reports from a BSA/AML Officer is insufficient. Prudent leaders will ask probing questions, challenge management, and take measures of the internal professionals responsible for building and operating strong programs.
Uptick in Fraud
Caruso cites a significant increase in fraud unfolding over the past several years, an issue rising as a concern. The trend has not escaped the notice of the regulators.
In response, directors should ask how fraud impacts their banks and how the fraud and BSA/AML functions are organized.
Often, these are separate functions that interact infrequently. This structure may work in some instances. But, he advises, given that both are investigative disciplines at the core, having them work together may yield benefits in risk management, effectiveness, and efficiency.
More Information
For more information please e-mail Indra Elangovan directly at ielangovan@travilliangroup.com or to read the rest of the Travillian Next Bank Board Insights series, please click one of the links below:
Part I: A Thriving Bank Requires a Thriving Board – Let’s Make it Happen!
Part II: Risk Governance with Contributing Guest Michele Wucker
Part III: How to Dress For SUCCESSion
Part IV: Are Bank Boards Risky Enough?
Part V: A Panel Discussion on Strategic Board Talent and Expertise
Travillian’s Banking and FinTech Practice provides Search and Talent Advisory services to depository institutions across the country. Established in 1998, the firm has built a unique platform that touches every corner of the industry. To learn more, click here, or get in touch below!
Indra Elangovan, Head of Strategic Advisory
(443) 844-2798 | ielangovan@travillaingroup.com |