Feds Update BSA/AML Compliance Regs: Still No One Know What KYC Means
Last Thursday, we published a post entitled No One Knows What Know Your Customer Really Means that pointed out potentially dangerous and undoubtedly actionable holes in the Banking Secrecy Act’s mandate to Know Your Customer (KYC.) Keying off a hypothetical bank customer imagined by Alvin D. Lodish over on FinanceTech, in this post we wondered if this fictional
“developer/exotic car aficionado/gambler happens to also be a terrorist financier […] what would happen if a catastrophic terrorist attack succeeds due to funding from this gentleman and the subsequent forensic investigation ties him to the crime? Would the bank be fined for not knowing this customer well enough?”
It just so happens that also on Thursday several federal regulators issued a joint statement,
“setting forth the agencies’ policy for enforcing specific anti-money laundering requirements of the Bank Secrecy Act (BSA). The purpose of the Interagency Statement on Enforcement of Bank Secrecy Act/Anti-Money Laundering Requirements is to provide greater consistency among the agencies in enforcement decisions in BSA matters and to offer insight into the considerations that form the basis of those decisions.”
So thanks to this policy statement, banks now have a clearer understanding of exactly what BSA and KYC compliance means, right? Not really.
We downloaded the PDF so you don’t have to and here’s what the Federal Reserve, Federal Deposit Insurance Corporation, Office of the Comptroller of the Currency, Office of Thrift Supervision and the National Credit Union Administration will be enforcing:
“Specifically, under each Agency’s regulations, a BSA Compliance Program must have at minimum, the following elements:
- a system of internal controls to assure ongoing compliance with the BSA;
- independent testing for BSA/AML [Anti-Money Laundering] compliance;
- a designated individual or individuals responsible for coordinating and monitoring BSA/AML compliance; and
- training for appropriate personnel.”
The inter-agency statement then goes on — pay attention here — to specify,
“…A BSA Compliance Program must include a Customer Identification Program with risk-based procedures that enable an institution to form a reasonable belief that it knows the true identity of its customers.”
What is the legal, enforceable definition of a bank’s responsibility to “form a reasonable belief that it knows the true identity of its customers?”
Let’s go back to the example of our hypothetical developer/exotic car aficionado/gambler. If his bank runs a standard background check on this guy, is that reasonable belief? What if they perform enhanced due diligence but his ability to cloak his true identity produces a false negative, is that enough to satisfy reasonable belief? Our original question remains: If this guy’s money funds terror on U.S. soil, will the bank be penalized? Reasonable belief is so subjective that even if the bank did everything in their power to resolve this identity, they could still be scapegoated for allowing a terrorist to succeed.
In response to this updated policy statement, Reps. Barney Frank, D-Mass., Spencer Bachus, R-Ala., and Stephen Lynch, D-Mass., wrote a letter to the Government Accountability Office and according to MarketWatch,
“In their letter to the GAO, the lawmakers said also bank representatives claim the rules for examinations about complying with federal anti-money laundering laws still lack clarity. Bankers also believe examiners aren’t “uniformly interpreting the requirements” of the Bank Secrecy Act, the congressmen said.
“The lawmakers asked GAO to study why the number of suspicious activity reports from banks has spiked in recent years. More than one million such reports were filed in 2006, the lawmakers said, citing the Treasury’s enforcement network. Frank and the others asked the congressional investigator to study to what extent the activity reports are filed “defensively” to avoid potential questions or sanctions from banking regulators.”
It’s really scary that because of the ambiguity surrounding BSA/AML compliance, bankers are forced to play defense against their own government, instead of being on offense against money-launders, drug traffickers and terrorists.
To Reps. Frank, Bachus and Lynchsay we say again what we said last week before this inter-agency statement came out: Congress needs to revisit AML legislation because no one really knows what Know Your Customer really means.
Subscribe to this blog