Presentation is loading. Please wait.

Presentation is loading. Please wait.

BANK SECRECY ACT RISK ASSESSMENT Tom R. Ajax, CAMS Bank Examiner, BSA/AML Subject Matter Expert Tampa Territory, Gainesville Field Office

Similar presentations


Presentation on theme: "BANK SECRECY ACT RISK ASSESSMENT Tom R. Ajax, CAMS Bank Examiner, BSA/AML Subject Matter Expert Tampa Territory, Gainesville Field Office"— Presentation transcript:

1 BANK SECRECY ACT RISK ASSESSMENT Tom R. Ajax, CAMS Bank Examiner, BSA/AML Subject Matter Expert Tampa Territory, Gainesville Field Office tajax@fdic.gov (352) 331-6044 ex. 4428

2 WHAT IS A RISK ASSESSMENT A Risk Assessment (RA) is the evaluation of specific lines of business, products, and customers that may present unique challenges and exposures for which management may need to institute appropriate policies, procedures, and processes to mitigate the identified risk.

3 RISK ASSESSMENT LINK TO THE BSA/AML COMPLIANCE PROGRAM

4 RISK ASSESSMENT Risk Assessment is a two step process. First Step is identification Second Step is analysis

5 IDENTIFICATION OF RISK MAJOR AREAS Products and Services Customers and Entities Geographic Locations OFAC

6 ANALYSIS OF RISK Statistical Analysis Size Number of Accounts Operations

7 Products and Services Certain products and services may pose a higher risk of money laundering or terrorist financing depending on the nature of the specific product or service. Such products and services may facilitate a higher degree of anonymity, or involve the handling of high volumes of currency or currency equivalents.

8 Products and Services (Cont.) Some of these products and services are listed below, but the list is not all inclusive: Electronic funds payment services electronic cash (e.g., stored value and payroll cards), funds transfers (domestic and international), payable upon proper identification (PUPID) transactions, third-party payment processors, remittance activity, automated clearing house (ACH), and automated teller machines (ATMs). Electronic banking. Private banking (domestic and international). Trust and asset management services. Monetary instruments.

9 Products and Services (Cont.) Foreign correspondent accounts (e.g., pouch activity, payable through accounts, and U.S. dollar drafts). Trade finance (letters of credit). Special use or concentration accounts. Lending activities, particularly loans secured by cash collateral, marketable securities, and credit card lending. Nondeposit account services (e.g., nondeposit investment products, insurance, and safe deposit boxes).

10 Customers and Entities Foreign financial institutions, including banks and foreign money services providers (e.g., casas de cambio, exchange houses, money transmitters, and bureaux de change). Non-bank financial institutions (e.g., money services businesses; casinos and card clubs; brokers/dealers in securities; and dealers in precious metals, stones, or jewels). Senior foreign political figures and their immediate family members and close associates (collectively known as politically exposed persons (PEPs)). Nonresident alien (NRA) and accounts of foreign individuals.

11 Customers and Entities (Cont.) Deposit brokers, particularly foreign deposit brokers. Cash-intensive businesses (e.g., convenience stores, restaurants, retail stores, liquor stores, cigarette distributors, privately owned ATMs, vending machine operators, and parking garages). Non-governmental organizations and charities (foreign and domestic). Professional service providers (e.g., attorneys, accountants, doctors, or real estate brokers).

12 Geographic Location Countries subject to OFAC sanctions, including state sponsors of terrorism. Countries identified as supporting international terrorism under section 6(j) of the Export Administration Act of 1979, as determined by the Secretary of State. Jurisdictions determined to be of primary money laundering concern by the Secretary of the Treasury, and jurisdictions subject to special measures imposed by the Secretary of the Treasury, through FinCEN, pursuant to section 311 of the Patriot Act. Jurisdictions/countries identified as non-cooperative by the Financial Action Task Force on Money Laundering (FATF).

13 Geographic Location (Cont) Major money laundering countries and jurisdictions identified in the U.S. Department of States annual International Narcotics Control Strategy Report (INCSR), in particular, countries which are identified as jurisdictions of primary concern. Offshore financial centers (OFCs) as identified by the U.S. Department of State. Other countries identified by the bank as high-risk because of its prior experiences or other factors (e.g., legal considerations, or allegations of official corruption).

14 Geographic Location (Cont) Domestic high-risk geographic locations may include banking offices doing business within, or having customers located within, a U.S. Government- designated high-risk geographic location. Domestic high-risk geographic locations include: High Intensity Drug Trafficking Areas (HIDTAs). High Intensity Financial Crime Areas (HIFCAs).

15 Geographic Location (Cont) Domestic high-risk geographic locations may include banking offices doing business within, or having customers located within, a U.S. Government- designated high-risk geographic location. Domestic high-risk geographic locations include: High Intensity Drug Trafficking Areas (HIDTAs). High Intensity Financial Crime Areas (HIFCAs).

16 OFAC Risk Assessment A fundamental element of a sound OFAC program is the banks assessment of its specific product lines, customer base, nature of transactions and identification of the high-risk areas for OFAC transactions. The initial identification of high-risk customers for purposes of OFAC may be performed as part of the banks CIP and CDD procedures.

17 OFAC Risk Assessment Another consideration for the risk assessment is account and transaction parties. New accounts should be compared with OFAC lists prior to being opened or shortly thereafter. The extent to which the bank includes account parties other than accountholders (e.g., beneficiaries, guarantors, principals, beneficial owners, nominee shareholders, directors, signatories, and powers of attorney) in the initial OFAC review will depend on the banks risk profile and available technology. Currently, OFAC provides guidance on transactions parties on checks. The guidance states if a bank knows or has reason to know that a transaction party on a check is an OFAC target, the banks processing of the transaction would expose the bank to liability, especially personally handled transactions in a high-risk area.

18 OFAC Risk Assessment In evaluating the level of risk, a bank should exercise judgment and take into account all indicators of risk. Although not an exhaustive list, examples of products, services, customers, and geographic locations that may carry a higher level of OFAC risk include: International funds transfers. Nonresident alien accounts. Foreign customer accounts. Cross-border automated clearing house (ACH). Commercial letters of credit. Transactional electronic banking.

19 OFAC Risk Assessment Foreign correspondent bank accounts. Payable through accounts. International private banking. Overseas branches or subsidiaries. Appendix M (Quantity of Risk – OFAC Procedures) provides guidance on assessing OFAC risks facing a bank. The risk assessment can be used to assist the examiner in determining the scope of the OFAC examination. Additional information on compliance risk is posted by OFAC on its web site under Frequently Asked Questions (http://www.treas.gov/offices/enforcement/ofac/faq/#finance).

20 Analysis of Specific Risk Categories The second step of the risk assessment process entails a more detailed analysis of the data obtained during the identification stage. This step involves evaluating statistics and numbers pertaining to the banks activities (e.g., number of domestic and international funds transfers, number of private banking customers, number of high-risk customers, domestic and international geographic locations of the banks business area and customer transactions, number of foreign correspondent accounts, number of payable through accounts). This part of the process assists the bank in developing the appropriate policies, procedures, and processes to mitigate the risks.

21 Analysis of Specific Risk Categories The banks detailed analysis should consider the following factors, as appropriate: Purpose of the account. Anticipated activity in the account. Nature of the customers business. Customers location Types of products and services used by the customer.

22 Banks Updating of the Risk Assessment An effective BSA/AML compliance program controls risks that may be associated with the banks products, services, customers, and geographic locations; therefore, an effective risk assessment should be an ongoing process, not a one-time result. As new products and services are introduced, existing products and services change, high-risk customers open and close accounts, or the bank expands through mergers and acquisitions, management should update its risk assessment process to re-evaluate the risks associated with money laundering and terrorist financing. Even in the absence of such changes, it is a sound practice for banks to periodically reassess their BSA/AML risks at least once per examination cycle.

23

24

25

26 Common BSA Findings in Community Banks No RA developed/documented RA lacks sufficient depth/breadth RA does not consider risks associated with all operations Business lines Products and services Customers Geographic locations


Download ppt "BANK SECRECY ACT RISK ASSESSMENT Tom R. Ajax, CAMS Bank Examiner, BSA/AML Subject Matter Expert Tampa Territory, Gainesville Field Office"

Similar presentations


Ads by Google