9. Change management Change management has been critical during the last two years as the pandemic caused a shift to remote working. Enhanced controls are needed to ensure data security and processes align with expectations, and regulators may ask what steps a financial institution has taken to adapt during the pandemic. Added quality assurance measures may be needed to address the challenges of managing a remote work team. Regulators will also consider how financial institutions have handled the “great resignation.” Retaining talent has proven difficult for some traditional institutions as remote work in the industry has become more acceptable. AML professionals have opportunities nationwide, which include those outside of traditional banking. Experienced BSA professionals have long been in high demand, and this shift has caused a significant strain on financial institutions’ ability to staff their BSA teams with experienced, qualified officers and investigators. Regulators will not want to know why a BSA team is understaffed or underqualified; they want the deficiency corrected. Staffing issues must be addressed, and according to the HBA panel, you may be asked how your institution is attracting and retaining talent within your BSA team. The great resignation has also affected technology talent, which has a significant crossover effect for BSA. 10. Revisiting Common Deficiencies Wrapping up the top ten hot topics are common deficiencies cited by regulators during recent exams. Be assured that regulatory bodies share information and stay updated on other consent orders. As money laundering and fraud appear to be on the rise in many areas, financial institutions should review these common deficiencies of AML programs and fill in any identified gaps before their next audit or exam. • Backlogs in BSA related processes, such as processing alerts, cases, and EDD high-risk reviews • Changes in transaction monitoring systems leading to the backlog described above • Staffing turnover leads to inadequate or inexperienced staffing • Lack of adequate controls, either an independent audit function or internal quality assurance processes • Risk Assessment is not updated with current products/ services or markets • Alerts closed with inadequate or no documentation • No SAR decision with cut and paste templates – while templates are acceptable, they should always include and support reasons why the activity is not suspicious • Inadequate analysis for No SAR decisions. Using “known customer” to justify these decisions is insufficient. Each potentially suspicious transaction must be analyzed. Conclusion Although there have been drops in regulatory BSA findings for 2020 and into 2021, the panel believes this was primarily due to pandemic restrictions, increased off-site examinations, and a focus shift away from BSA to asset quality and liquidity. Regulators have seen an increase in BSA focus during the first quarter of 2022, and with the Russian invasion of Ukraine, OFAC will be in the spotlight more than ever. Keeping these top ten hot topics in mind will assist your financial institution in passing your next exam with flying colors. Takeaways 1. Planning now around AMLA requirements and informing executive management of expected changes will put your financial institution in a position to move forward with anticipated rules and guidance. 2. Financial institutions should review the common deficiencies in AML programs that regulators cite and fill gaps identified before their next audit or exam. 3. Regulators have seen an increase in BSA focus during the first quarter of 2022, and now with the crisis with the Russian invasion of Ukraine, OFAC will be in the spotlight more than ever. Terri Luttrell, Abrigo’s Compliance & Engagement Director, is CAMS-Audit certified and has over 20 years in the banking industry. She has worked in both medium and large community banks in compliance/fraud, commercial lending, and deposit operations. As an AML consultant, Terri has helped institutions develop BSA/OFAC programs to ensure all regulatory requirements are met and successfully managed a team of AML investigators for a large cross-border institution, among other engagements. For financial institutions using artificial intelligence (AI), regulators will want to see best practices in place. There should be model validations to ensure AI is working as it should be. After all, AI is developed by humans, and mistakes can happen. Manage with caution and have a good quality assurance process in place. Continued from page 19 cbak.com 20 In Touch
RkJQdWJsaXNoZXIy ODQxMjUw