‘Risk-focused’ approach to BSA/AML outlined in regulator/FinCEN joint statement

Common practices for assessing a credit union’s or bank’s money laundering/terrorist financing risk profile are outlined in a joint statement from federal financial institution regulators issued Monday, providing what the agencies said was a “risk-focused” approach to allow them to better tailor examination plans and procedures based on the unique risk profile of each institution.

According to the agencies, their approach to combatting money laundering and terrorist financing outlined in the statement will assist examiners in scoping, planning the examination of and initially evaluating the adequacy of Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs at institutions under review.

“Using this approach, the agencies generally are able to allocate more resources to higher-risk areas and fewer resources to lower-risk areas when conducting BSA/AML examinations,” the agencies stated.

The joint statement was released by the Federal Deposit Insurance Corp. (FDIC), Federal Reserve, National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Treasury’s Financial Crimes Enforcement Network (FinCEN). The statement was developed by a working group formed by the regulators and FinCEN aimed at improving the effectiveness and efficiency of the BSA/AML regime.

The agencies said the statement was an effort to improve transparency into the risk-focused approach used for planning and performing BSA/AML examinations and does not establish new requirements.

“Risk-focused BSA/AML examinations consider a bank’s unique risk profile,” the agencies noted in their statement, adding that examiners use risk assessments and independent testing when planning and conducting examinations.

“Examiners assess the adequacy of a bank’s BSA/AML compliance program during each examination cycle,” they stated. “The extent of examination activities necessary to evaluate a bank’s BSA/AML compliance program generally depends on a bank’s risk profile and the quality of its risk management processes to identify, measure, monitor, and control risks, and to report potential money laundering, terrorist financing, and other illicit financial activity.”

Joint Statement on Bank Secrecy Act/Anti-Money Laundering Supervision