Examination

Subscribe to Examination

On March 29, 2021, the Securities and Exchange Commission (“SEC”) began to make good on its promise to make AML a key examination priority in 2021 by issuing a risk alert authored by the Division of Examinations (“EXAMS”) detailing the results of a review of broker-dealers’ compliance with anti-money laundering (“AML”) requirements (the “Alert”).

The Alert details the obligations of broker-dealers to comply with AML programs and SAR monitoring and reporting requirements pursuant to the “AML Program Rule,” 31 C.F.R. § 1023.210, and the “SAR Rule,” 31 C.F.R. § 1023.320, as well as similar obligations under Rule 17a-8 of the Securities Exchange Act of 1934 (“Exchange Act”), which incorporates the Bank Secrecy Act (“BSA”) reporting and record-keeping obligations applicable to broker-dealers.  The Alert further issues findings that indicate certain firms are experiencing shortcomings when it comes to establishing and implementing sufficient suspicious activity monitoring and reporting policies and procedures, which is leading to inadequate SAR reporting in several respects.

Perhaps not coincidentally, EXAMS issued the Alert shortly after the U.S. Court of Appeals for the Second Circuit ruled in December 2020 in SEC vs. Alpine Securities Corp. that the SEC has the authority to bring an enforcement action against broker-dealers under Section 17(a) and Rule 17a-8 of the Exchange Act on the basis of alleged BSA failures, including failures to comply with the SAR Rule.  Whether the Alert is a true “heads up” or a forewarning of enforcement actions to come, firms are encouraged not to replicate the specific deficiencies identified in the Alert.
Continue Reading  Broker-Dealers Fail SEC AML Examinations

On February 25, 2021, the Federal Financial Institutions Examination Council (“FFIEC”) released updates to the Bank Secretary Act/Anti-Money Laundering (“BSA/AML”) Examination Manual (the “Manual”), which provides guidance to examiners for evaluating a financial institution’s BSA/AML compliance program and its compliance with related regulatory requirements.

First, the Manual adds a new introductory section, Assessing Compliance with [BSA] Regulatory Requirements.  Second, the Manual updates the sections pertaining to Customer Identification Program (“CIP”), Currency Transaction Reporting (“CTR”), and Transactions of Exempt Persons. The Manual explains that, consistent with prior updates, that the “updates should not be interpreted as new instructions or as a new or increased focus on certain areas,” but are intended to “offer further transparency into the examination process and support risk-focused examination work.”

The 2021 updates are not quite as substantial as the 2020 updates to the Manual, which pertained to scoping and planning of examinations; the review of a financial institution’s BSA/AML risk assessment; the assessment of an institution’s BSA/AML compliance program; and guidance for examiners on developing conclusions and finalizing the examination.  Nonetheless, the updates provide useful insight into what examiners regard as important for BSA/AML compliance.
Continue Reading  The FFIEC Updates the BSA/AML Examination Manual

Revisions to BSA Will Inform Regulatory Examinations for Years to Come

Third Post in an Extended Series on Legislative Changes to BSA/AML Regulatory Regime

As we have blogged, the Anti-Money Laundering Act of 2020 (“AMLA”), contains major changes to the Bank Secrecy Act (“BSA”), coupled with other changes relating to money laundering, anti-money laundering (“AML”), counter-terrorism financing (“CTF”) and protecting the U.S. financial system against illicit foreign actors.  In this post, we focus on some fundamental changes set forth in the AMLA’s very first provision, entitled “Establishment of national exam and supervision priorities.”

This new provision sets forth broad language affecting basic principles underlying the BSA and AML/CTF compliance. Specifically, it revises and expands the stated purpose of the BSA; enumerates specific factors for regulators to consider when examining financial institutions’ AML program compliance; requires the Secretary of the Treasury to establish public priorities for AML/CTF policy; and expands the duties and powers (and responsibilities) of the Financial Crime Enforcement Network (“FinCEN”).  We discuss each of these changes in turn.

As always, future regulations will determine how these abstract statements of principle will be applied in practice.  Ultimately, however, these AMLA amendments acknowledge the reality that AML/CTF compliance has become much more complex and nuanced since the early days of the BSA, and is a critical component of the soundness of the global financial system.
Continue Reading  First Principles: AMLA Expands Stated Purpose of BSA and Exam Priorities

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Financial Monitor Podcast series — a weekly podcast focusing on the consumer finance issues that matter most, from new product development and emerging technologies to regulatory compliance and enforcement and the ramifications of private litigation.  Following up on a recent blog post,

Regulators Provide Greater Transparency into BSA/AML Enforcement Process

On August 13, 2020 the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration, and Office of the Comptroller of the Currency (the “Agency” or collectively the “Agencies”) issued a joint statement updating and clarifying their 2007 guidance regarding how they evaluate enforcement actions when financial institutions violate or fail to meet BSA/AML requirements. The Financial Crimes Enforcement Network (“FinCEN”) followed with its own statement on August 18, 2020, setting forth its approach when considering enforcement actions against financial institutions that violate the BSA.

Below are a few highlights from the two sets of guidance:

  • The joint statement repeatedly emphasizes that isolated or technical deficiencies in BSA/AML compliance programs will not generally result in cease and desist orders.
  • The joint statement provides specific categories and examples of BSA/AML program failures that typically would (or would not) result in a cease and desist order. Certain of these examples are discussed below.
  • Compared to the 2007 guidance, the joint statement provides more detailed descriptions and examples of the pillars of BSA/AML compliance programs, such as designated BSA/AML personnel, independent testing, internal controls, and training.
  • FinCEN explains in its statement that it will base enforcement actions on violations of law, not standards of conduct contained solely in guidance documents.
  • The FinCEN statement lays out the factors FinCEN considers when determining the disposition of a BSA violation. Unsurprisingly, these factors include the pervasiveness and seriousness of the conduct and the violator’s cooperation and history of wrongdoing.

All in all, the two statements, particularly the joint statement, succeed in providing greater transparency into the regulators’ decision-making processes with regards to pursuing enforcement actions for violations of the BSA and for AML program deficiencies.
Continue Reading  Federal Banking Agencies Issue Joint Statement On Enforcement of BSA/AML Requirements; FinCEN Follows With Its Own

Examiners Should Focus on Risk, Not Technical Perfection

On April 15, 2020, the Federal Financial Institutions Examination Council (“FFIEC”) released updates to the Bank Secretary Act/Anti-Money Laundering (“BSA/AML”) examination manual (the “Manual”). As the FFIEC Interagency press release described, the Manual provides “instructions to examiners when assessing the adequacy of a bank’s BSA/AML compliance program.” The “release of the updated sections provides further transparency into the BSA/AML examination process and does not establish new requirements.” The press release further stated the revisions were made to, among other objectives, emphasize examiners should be “tailoring BSA/AML examination to a bank’s risk profile,” to “ensure language clearly distinguishes between mandatory regulatory requirements and supervisory expectations” for examiners, and to “incorporate regulatory changes since the last update of the Manual in 2014.”

The Federal Deposit Insurance Corporation (“FDIC”) also issued a press release regarding the updates. Its statement recognized “financial institutions are faced with uncertainty during this unprecedented time,” therefore the FDIC cautioned the update, “which supports tailored examination work, has been in process for an extended period and should not be interpreted as new instructions or as an augmented focus.”

The updates focus on four steps in the examination process:

  • Scoping and Planning
  • BSA/AML Risk Assessment
  • Assessing the BSA Compliance Program
  • Developing Conclusions and Finalizing the Examination

The updates emphasize examiners should take a “risk-focused” approach to tailor the review of a regulated institution’s BSA/AML compliance program, meaning the examination should be tailored to the risk profile of that specific institution.  The Manual updates incorporate guidance on more recent developments such as Customer Due Diligence (“CDD”) and Beneficial Ownership requirements and a recognition of innovations in collaborations among smaller institutions.  Importantly, the Manual reminds examiners that banks have flexibility in the design of their BSA/AML compliance programs, and that minor weaknesses, deficiencies, and technical violations alone do not indicate an inadequate program.
Continue Reading  FFIEC BSA/AML Examination Manual Updates Reveal Exam Process and Expectations

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Financial Monitor Podcast series — a weekly podcast focusing on the consumer finance issues that matter most, from new product development and emerging technologies to regulatory compliance and enforcement and the ramifications of private litigation.

In this podcast, we examine two recent OCC

Regulatory Examination and Related Enforcement Also Highlights Perceived Risks of Banking Crypto Clients

The Department of the Treasury’s Office of the Comptroller of the Currency (“OCC”) recently issued a Consent Order against M.Y. Safra Bank arising from the bank’s decision to accept a variety of high-risk, Digital Asset Customers (“DACs”), allegedly without implementing the necessary Bank Secrecy Act (“BSA”) and Anti-Money Laundering (“AML”) controls. Although the OCC did not impose a monetary penalty against the bank, it demanded that the bank implement and maintain a remarkably broad array of potentially costly and extremely detailed measures to strengthen its AML program. And, notably, the OCC specifically tasked the bank’s Board of Directors with implementing, overseeing, and reporting on these measures.

We describe here the OCC’s examination into and requirements imposed on M.Y. Safra Bank. The Consent Order is a reminder to the boards and management of all financial institutions that if they pursue novel and higher-risk customers – certainly, a potentially defensible business plan in our increasingly competitive business environment – then they absolutely have to adjust accordingly their AML compliance program and accompanying transaction monitoring to compensate for such increased risk. This is particularly true when those new customers employ novel technologies or business products which require a particularized ability to understand and address from an AML perspective. New, creative business lines are not necessarily bad – so long as the implementation of the AML compliance program is adjusted appropriately to identify and manage the new risk.

The Consent Order also is a reminder that, as the BSA/AML Examination Manual of the Federal Financial Institutions Examination Council states, “[t]he board of directors, acting through senior management, is ultimately responsible for ensuring that the bank maintains an effective BSA/AML internal control structure,” and otherwise must create a culture of compliance.

This Consent Order and related OCC AML exam and enforcement issues – including the liability of not just institutions, but also the potential individual liability of AML in-house professionals – will be the topic of a forthcoming installment in Ballard Spahr’s Consumer Finance Monitor Podcast by the firm’s AML Team. Please stay tuned our podcast, and read on here.
Continue Reading  OCC Action Highlights Increased Accountability Facing Boards of Directors

On October 1st, the Office of the Comptroller of the Currency (OCC) published the Fiscal Year 2020 Bank Supervision Operating Plan (“FY 2020 Plan”).

The FY 2020 Plan sets forth the OCC’s supervision priorities and objectives for the fiscal year beginning October 1, 2019 and ending September 30, 2020. The supervision priorities set forth align with the the OCC’s Strategic Plan, Fiscal Years 2019-2023.

The FY 2020 Plan facilitates the development of supervisory strategies for individual national banks, federal savings associations, federal branches, federal agencies, and technology services providers. OCC staff members use the plan to guide their supervisory priorities, planning, and resource allocations.
Continue Reading  The OCC Releases Fiscal Year 2020 Bank Supervision Operation Plan

We are pleased to offer the latest episode in Ballard Spahr’s Consumer Financial Monitor Podcast series — a weekly podcast focusing on the consumer finance issues that matter most, from new product development and emerging technologies to regulatory compliance and enforcement and the ramifications of private litigation.  Our podcast discusses the conduct for which financial