3 min read

Five Compliance Tips for Mid-Size Banks

Picture of Rachel Dettmer Rachel Dettmer : April 06, 2023

Blog posts
wooden blocks in a row with checks

Are you an AML compliance professional working for a mid-size bank? If so, you're in the right place. 

Whether you've been in the business for decades or are just starting out, here are five compliance tips that every mid-size bank should know to avoid costly mistakes. 

So, keep reading, and let's get started... 

 

1. The Financial Crimes Enforcement Network (FinCEN) Anti-Money Laundering Act Priorities 

“These priorities are something we should already be thinking about, doing, or have controls in place for” – Chuck Taylor, Executive Vice President, Financial Crimes Advisory. 

While the priorities were announced in June 2021, very limited guidance has been issued. Regardless, banks and financial institutions still need to be proactive while waiting for confirmation on the guidance.  

Here are some practical tips within your control that will help you to prepare for implementing the priorities: 

  • Start adding the priorities to your risk assessments. There should be a mention of all priorities in your risk assessment and a general statement confirming they are covered by your program 
  • Conduct a gap analysis to identify your strong or weak controls 
  • Identify and include alert scenarios  
  • Start mentioning the priorities as keywords when filing SARs 
  • Finally, it's important to be pragmatic, don’t forget these priorities aren’t confirmed yet, and they do not require dedicated resources. Your approach to them still needs to be efficient! 

Aligning to these regulatory objectives will help to ease the transition when the guidance is issued.  

 

2. Foster Relationships 

The key to a successful relationship with regulators and law enforcement officials is to remember that they do not like surprises. 

Most officials are reasonable, and by actively and frequently engaging in an open dialogue about how you identify, understand, and manage your organization’s risk, the more comfortable they will get with your risk management process. 

Candidly sharing this process with them builds a foundation of trust and fosters a positive relationship that you might need in the future should a problem be identified in your compliance program.

 

3. Don’t Over-Engineer Compliance Controls  

Although compliance programs can be complicated, the idea is simple: Follow the rules but apply your risk appetite, as BSA compliance is intended to be risk-based rather than prescriptive. 

Excessive diligence and ineffective controls will cause you to lose sight of the real and immediate problems.  

Be aggressive in tuning and turning off transaction monitoring rules that are unproductive to remove the outliers, and don’t be afraid to try new things and go against the grain of ‘this is the way we have always done things.’ 

If you can demonstrate the logic and defend your reasoning with evidence while still meeting your overall compliance obligations, remove the rules that are no longer serving their purpose or adding value to your compliance program.  

This will create more time to focus on and target the rules that serve you better and, ultimately, catch the bad guys.  

 

4. Tune and Optimize Your System  

Tuning and optimizing your system needs to be robust and ongoing, not merely an activity performed by a vendor when the system is installed or an annual exercise thereafter. 

Ultimately, it's your system, and you need to be driving it. 

A vendor will not understand your risk tolerance or profile the same way you will. Vendors are also not regulated or held to the same standards in the way that banks and financial institutions are, and it is not their duty to ensure the system is operating correctly. 

Actively test and explore the functions regularly, customize your solution, challenge the vendor, and look at your data mapping for gaps and errors, particularly if your organization has experienced growth or implemented new products and services. 

 

5. Invest in Technology  

The goal is for analysts to be analyzing information, not collecting it – so even if you add more members to your compliance team, the challenge of collecting data remains. 

By incorporating technology such as machine learning, artificial intelligence, and robotic process automation, you can optimize and improve how data is collected, as well as streamline lower-risk compliance processes to realize time and cost efficiencies.  

By automating manual processes, you can empower your analysts to make accurate, data-driven decisions and remove the pressure of needing to grow your team to achieve higher outputs.  

 

If you want to hear the above discussed in more detail, listen to our webinar here.

Or, if you want to find out more about our services and solutions and how we can help you, simply fill out our contact form, and we’ll start the conversation.