The regulatory roundtable is one of the most popular sessions each year at the annual ACAMS AML conference. This year’s session included some much-needed discussion around the US AML/CFT national priorities (“the priorities”) and “effectiveness.” FinCEN’s Director of the Office of Compliance Jay Song, who spoke at the roundtable, made it very clear: banks should not wait for a specific rule on “effectiveness” or specific to the implementation of the priorities published in 2021, as that would go against the concept of the longstanding risk-based approach. Song went on to say:“There are differences in terms of what the requirements are from a regulatory and examination perspective, but the risk management principle remains the same. It’s a risk-based approach—financial institutions should identify and manage their risks. There will be rulemaking that will give more precision in connection with the priorities, but the risk-based approach is still the overwhelming concept one should take away as you’re considering Priorities.”
Song’s comments echo statements made in the interagency statement on the Issuance of the Anti-Money Laundering/Countering the Financing of Terrorism National Priorities published in June 2021*. That statement from FinCEN and other U.S. regulators stated:“…in preparation for any new requirements when those final rules are published, banks may wish to start considering how they will incorporate the AML/CFT priorities into their risk-based BSA [Bank Secrecy Act] compliance programs, such as by assessing the potential related risks associated with the products and services they offer, the customers they serve, and the geographic areas in which they operate.”
While financial institutions aren’t required to incorporate the priorities into their programs, incorporation will be a measure on which an institution is supervised and examined, according to the Interagency Statement. U.S. regulators have advised it is not wise to wait to consider your AML/FinCrime program’s posture concerning the priorities and risk-based approach. So what can your institution do now to prepare?
Financial institutions should consider self-assessing key domains within their program’s policy, risk management, and control frameworks. The self-assessment should consider risk exposure and whether the program has the policies and structure for consistently evaluating and revising those domains as priorities and exposure change.
This kind of self-assessment will enable institutions to:
- Determine whether your program and specific controls are effective and demonstrable to your regulators
- Identify areas to reallocate and/or refocus resources
- Rethink current programs efforts and associated requisite procedural and technological change
- Tell your unique story about your successes to help foster positive relationships with your regulators
If you are considering the next steps in your approach to assessing “effectiveness” in your program, you may be interested in the SymphonyAI Sensa-NetReveal effectiveness maturity assessment tool. Please complete the contact us form or email marketing@netreveal.ai for more information.
*Interagency Statement on the Issuance of the Anti-Money Laundering/Countering the Financing of Terrorism National Priorities, June 2021 | https://www.federalreserve.gov/supervisionreg/srletters/SR2110a1.pdf
