BSA Compliance Intensity Builds

When FinCEN accused U.S. Bank of willfully violating the Bank Secrecy Act in February, it served as a good reminder of the risk BSA compliance presents to all financial institutions, including credit unions. Combine that with the new FinCEN and U.S. Department of Treasury rule effective this May, and it’s understandable why BSA is consistently on the minds of so many credit union leaders.

The new rule seeks to strengthen member/customer due diligence (MDD/CDD) by providing clarity around the requirements for compliance. Examiners have long expected credit unions to take steps to verify the identities of their members and have a complete understanding of the nature of their members’ businesses. It’s just never been written down – at least not to the level it is now in the FinCEN/Treasury final rules.

Fully on the Radar

It’s interesting how often people make the assumption that credit unions, especially small cooperatives, are too far off the radar of criminals to warrant such extensive government oversight of their CDD. To them, I suggest a quick binge on the Netflix series Ozark. Although pure fiction, the series is certainly capable of opening eyes to the practice of crooks cleaning dirty money in map-dot locales.

Credit unions are aware of the threat, however. And, in fact, they have been working hard to ensure members are not laundering money or funding terrorist operations for years. The new rules simply formalize a long-practiced tradition of CDD adherence.

So, the thinking goes, if this has been an expectation and a common practice all along, is the new rule really all that burdensome? The answer, as it typically always is with compliance issues, is it depends.

Likely the biggest – or most burdensome – element of the CDD rules is the requirement specific to what’s called “beneficial ownership.” This essentially states that credit unions must know who owns or has control over a financial account. Compliance with that requirement is somewhat simple in the case of an individual who opens a checking account; not so simple in the case of a family of companies with myriad subsidiaries, for instance. Establishing the identity of beneficial owners in these situations can be quite technical and actually pretty complex. Complicating matters further is an escalating mergers and acquisitions landscape among potential business entities. Many of these involve international changes in ownership and cross-border transactions, making it more difficult to determine beneficial ownership.

Across the country, credit unions are making concerted efforts at growing, and a portion of this growth is based on targeting business members. Burdensome operations could be a hindrance to those ambitions. If, for instance, a credit union is not prepared to serve new business members quickly, they could lose the account before they even have it. What’s more, if it becomes so onerous to serve businesses with complex corporate structures, employees could shy away from the opportunity to do so, ultimately stifling the cooperative’s progress.

Since 9/11, examiners have been pretty strict about BSA compliance, and that intensity is only going to increase following the May 11, 2018 effective date of the CDD rule. Credit unions, if they haven’t already, should be putting the final touches on their updated BSA policies and procedures. They should be running down their list of the five necessary components of their BSA program as well.

Five BSA Components

When the new rules go into effect, examiners will continue to insist that a credit union’s BSA effort includes the following five elements:

1. Internal controls, such as a BSA risk assessment, CTR/SAR filings, a customer identification program and Office of Foreign Assets Control compliance efforts.

2. Independent testing for compliance, performed annually.

3. Designation of a BSA officer.

4. Annual BSA training for all staff, board and supervisory committee members.

5. Appropriate risk-based procedures for conducting ongoing customer due diligence (i.e. the new FinCEN/Treasury rules).

The Calming Effect

BSA penalties are incredibly serious, and not just because they can be a significant financial blow to the credit union. Board members and credit union employees can face personal fines and even jail time. (It’s hard to imagine something putting a more intense mental strangle hold on your team members than the threat of prison.)

Getting the actual requirements down on paper, ensuring you have the right people and controls in place and training employees on what’s expected of them actually has a pretty calming effect. When employees can see in black and white the steps they need to take, who is in charge of what and the safeguards that are in place to make their jobs easier, CDD becomes much less intimidating. Providing that reassurance now, ahead of the CDD effective date, can go a long way toward keeping staff confidently serving your members.

Brian Godwin is Interim CEO for PolicyWorks. He can be reached at brian.godwin@policyworksllc.com.