Should you share your bank’s BSA and AML resources?

Federal regulators have offered guidance for banks interested in sharing resources to more effectively manage Bank Secrecy Act and anti-money laundering requirements.

By Mary Thorson Wright

The eternal challenge for community banks has been, and continues to be, how to do more—and more—to comply with Bank Secrecy Act (BSA) and anti-money laundering (AML) requirements with fewer employees and less money than larger banks. Good news: Community banks may be able to share resources to reduce costs, increase operational efficiency and leverage specialized expertise. However, they should do so with care.

Quick stat

35%

of AML specialists cited “resource allocation” as their greatest challenge

Source: 2018 ACAMS poll

In October 2018, the federal financial regulatory agencies published the Interagency Statement on Sharing Bank Secrecy Act Resources to offer options to share resources to manage BSA and AML obligations more efficiently and effectively. The collaborative arrangements covered in the statement generally are most suitable for banks with a community focus, less complex operations and lower risk profiles for money laundering or terrorist financing.

“Reading between the lines, it appears clear that the regulators have increasing expectations for BSA [compliance] at community banks and don’t intend to allow resource challenges to diminish their performance,” says David Bequeaith, president and managing director of TIB-Bequeaith Banking Solutions. “They have responded with direction on what can and can’t be done to achieve those tasks, and that is welcome. As an auditor for roughly 100 banks ranging from $100 million to $13 billion [in assets], this clarification is useful.”

“Reading between the lines, it appears clear that the regulators have increasing expectations for BSA at community banks and don’t intend to allow resource challenges to diminish their performance.”
—David Bequeaith, TIB-Bequeaith Banking Solutions

Each bank’s risk assessment must show that it has adequately identified the risk within its banking operations—products, services, customers, entities and geographic locations—and incorporated the risk into the BSA/AML compliance program. And each bank must maintain a written BSA/AML compliance program commensurate with its respective BSA/AML risk profile that includes a system of internal controls: independent testing of BSA compliance; a designated person or persons responsible for managing BSA compliance (BSA officer); and training for appropriate personnel.

Collaboration ideas

The interagency statement offers suggestions that parallel the requirements of the BSA/AML program:

  • Internal controls: Community banks may benefit from a collaborative arrangement to 1) review, update or draft BSA/AML policies and procedures; 2) review or develop risk-based customer identification and account monitoring processes; or 3) tailor monitoring systems and reports for the risks posed. Sharing resources, such as databases, may also be cost-effective.
  • Independent testing: Many community banks have been challenged to employ staff independent of the day-to-day BSA/AML requirements who are qualified to perform meaningful independent testing of the program. Shared resources may be a solution for some banks.
  • BSA/AML training: For some community banks with small staffs, and particularly those located in smaller communities, personnel with BSA/AML expertise and training skills may be scarce. It may also be cost prohibitive to use outside trainers for every training session. A collaborative arrangement may allow banks to share internal training personnel or could be used to leverage the cost of a qualified instructor.
  • BSA/AML officers: Each bank must designate a qualified individual to serve as a BSA officer, but the interagency statement does not recommend banks share BSA officers unless all banks party to the agreement are affiliates. “Unfortunately, sharing the most critical resource—the BSA/AML officer or professional—remains limited on a practical basis to the enterprise level programs that we often see at multi-bank holding company groups, which can operate very effectively,” Bequeaith says.

Preparation is everything

Although BSA/AML responsibilities rest on many throughout the bank, a well-prepared BSA/AML officer can make a big difference.

“We created the BSA/AML Certification program for the ICBA in 2007 to meet the specific needs of community financial institutions and provide the peer-sharing context that is referenced in the guidance,” Bequeaith says. “We do numerous case studies, often grouping attendees by size, core vendor or AML-monitoring program, to provide the forum to discuss best practices.

“For our day at ICBA’s Annual Current Issues/Certification Conference in the fall [see sidebar], we expand this peer sharing by posing rigorous case exercises around technical filing, customer due diligence, transaction monitoring and suspicious activity report filing,” he adds. “As most of these programs are attended to capacity, it appears to be meeting expectations.”

While collaborative arrangements may offer some benefits, their use must be managed to minimize risk and to ensure the banks that engage collaboratively benefit as expected. Community banks considering the benefits of collaborative arrangements for sharing BSA/AML resources should exercise due diligence and weigh these benefits and risks carefully.

Upcoming compliance training

Look to ICBA’s Community Banker University for industry-specific education and professional development opportunities. Here are some upcoming regulatory compliance‑focused events. icba.org/education

BSA/AML Institute
Executive C-suite training, compliance and BSA certification
May 14–16, Minneapolis

Compliance Institute
Executive C-suite training, compliance certification and compliance
June 9–14, Minneapolis

BSA/AML Institute
Executive C-suite training, compliance and BSA certification
Aug. 5–7, Denver

Annual Current Issues/Certification Conference
Leadership development, information, executive C-suite training, compliance, auditing.
Certifications: technology, compliance, BSA, bank security, auditing
Sept. 23–26, Minneapolis

Compliance Institute
Executive C-suite training, compliance certification and compliance
Sept. 29–Oct. 4, Nashville, Tenn.

Annual Current Issues/Certification Conference
Leadership development, information, executive C-suite training, compliance, auditing.
Certifications: technology, compliance, BSA, bank security, auditing
Oct. 21–24, Charlotte, N.C.

BSA/AML Institute
Executive C-suite training, compliance and BSA certification
Nov. 13–15, Dallas


Mary Thorson Wright, a former Federal Reserve examiner, is a financial writer in Virginia.

Top