Federal Banking Agencies Encourage BSA/AML Collaboration

Financial Services Law

Community banks and smaller financial institutions take note: the five federal banking agencies are encouraging banks and credit unions to enter into collaborative arrangements to share resources to more effectively and efficiently manage their Bank Secrecy Act/anti-money laundering (BSA/AML) obligations.

The Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation (FDIC), the Financial Crimes Enforcement Network (FinCEN), the National Credit Union Administration (NCUA) and the Office of the Comptroller of the Currency (OCC) said banks and credit unions may benefit from using shared resources.

What happened

“Banks may benefit from using shared resources to manage certain BSA/AML obligations more efficiently and effectively,” the agencies said. “However, banks should approach the establishment of collaborative arrangements like other business decisions, with due diligence and thorough consideration of the risks and benefits.”

Collaborative arrangements to share resources with regard to BSA/AML obligations are better suited for banks with a community focus, less complex operations, and lower-risk profiles for money laundering or terrorist financing, according to the Interagency Statement on Sharing Bank Secrecy Act Resources.

Such agreements may involve two or more banks and can involve the pooling of human, technological or other types of resources, with a common goal of reducing costs, increasing operational efficiencies and leveraging specialized expertise. The agencies noted that their statement applied only to the sharing of resources, not to collaborative arrangements formed for information sharing among financial institutions under Section 314(b) of the USA PATRIOT Act.

All banks are required to establish and maintain procedures reasonably designed to ensure compliance with the BSA and to develop and implement BSA/AML programs. Compliance—including maintaining a system of internal controls, arranging independent testing, designating a BSA compliance officer and providing training for appropriate personnel—can be costly.

A collaborative arrangement with one or more other banks can reduce those costs, the statement said, and “may also provide access to specialized expertise that may otherwise be challenging to acquire without the collaboration.” The agencies provided three examples of appropriate resources to share.

Under the category of internal controls, a collaborative arrangement between banks could allow for the sharing of resources such as reviewing, updating, and drafting BSA/AML policies and procedures; reviewing and developing risk-based customer identification and account monitoring processes; and tailoring monitoring systems and reports for the risks posed.

To work together in the area of independent testing, personnel at one bank may be used to conduct the BSA/AML independent test at another bank within a collaborative arrangement, the agencies suggested. “The banks involved in the collaborative agreement need to ensure that the shared resource conducting the BSA/AML independent testing is qualified and not involved in other BSA/AML functions at the bank being reviewed, such as training or developing policies and procedures that may present a conflict of interest or lack of independence,” according to the statement.

In some communities, it can be challenging to find personnel with BSA/AML expertise, and it can be cost prohibitive to attract a qualified outside trainer. A collaborative arrangement between two or more banks may offer the latitude to hire a qualified instructor to conduct the training, by allowing the banks to share the cost, the agencies said. The statement provided examples of basic BSA/AML training topics that may be covered by shared resources: alert analysis and investigation techniques, alert trends, and money laundering methods and regulatory updates.

As for the sharing of a BSA officer among banks, the statement frowned upon this form of collaboration.

“The sharing of a BSA officer among banks could be challenging due to the confidential nature of suspicious activity reports filed and the ability of the BSA officer to effectively coordinate and monitor each bank’s day-to-day BSA/AML compliance,” the agencies wrote. “In addition, the sharing of a BSA officer may create challenges with effective communication between the BSA officer and each bank’s board of directors and senior management. Accordingly, it may not be appropriate for banks to enter into a collaborative arrangement to share a BSA officer.”

Financial institutions should approach collaborative arrangements to manage BSA/AML obligations in a similar manner to that of any other third-party relationship, the agencies explained, with reference to their respective regulator’s existing guidance.

Banks need to comply with all applicable legal restrictions, including limitations on the disclosure of confidential supervisory information, confidential financial and business information, individual customer data, and trade secrets, as well as restrictions governing collaborative arrangements among competitors generally.

A collaborative arrangement should be supported by a contractual agreement between the banks, with performance reviewed by management and evaluated on a periodic basis. The contract should define the nature and type of the resources to be shared, define each institution’s rights and responsibilities, establish procedures for protecting customer data and confidential information, and develop a framework to manage risks associated with the sharing of resources.

Sufficient resources are required for monitoring services performed under the agreement, and periodic reports related to BSA/AML collaborative arrangements should be provided to senior management and reported to the board of directors as appropriate.

“It is important that collaborative arrangements be designed and implemented in accordance with the bank’s risk profile for money laundering and terrorist financing,” the Federal Reserve, the FDIC, FinCEN, the NCUA and the OCC agreed. “Ultimately, each bank is responsible for ensuring compliance with BSA requirements. Sharing resources in no way relieves a bank of this responsibility. Nothing in this interagency statement alters a bank’s existing legal and regulatory requirements.”

To read the Interagency Statement on Sharing Bank Secrecy Act Resources, click here.

Why it matters

The interagency statement from the Federal Reserve, the FDIC, FinCEN, the NCUA and the OCC will be of particular interest to smaller banks and community banks, which may be attracted by a collaborative arrangement to alleviate some of the costly burdens of BSA/AML compliance. However, each bank needs to conduct an individual risk analysis and weigh the benefits of potential efficiency and cost savings against all risk areas, including products, services, customers, entities and geographic locations. Finally, in response to the interagency statement, one or more third-party providers may assess whether there is an opportunity for them to facilitate collaboration through a technology-based platform that is legally compliant and secure.