Transcript 852790 AML Presentation Mexico Chamber Eventx

Anti-Money Laundering:
A New Sense of Urgency
Frederick E. Curry III
Deloitte Transactions and
Business Analytics LLP
December 3, 2014
Association of International Bank
Auditors
Disclaimer
This publication contains general information only and Deloitte is not, by
means of this publication, rendering accounting, business, financial,
investment, legal, tax, or other professional advice or services. This
publication is not a substitute for such professional advice or services, nor
should it be used as a basis for any decision or action that may affect your
business. Before making any decision or taking any action that may affect
your business, you should consult a qualified professional advisor.
Deloitte shall not be responsible for any loss sustained by any person who
relies on this publication.
-1Copyright © 2014 Deloitte Development LLC. All rights reserved.
Deloitte.
I
Why is AML Still a Hot Topic?
II
Setting the Tone at the Top
III
Improving Compliance Capabilities
IV
Q&A
-2Copyright © 2014 Deloitte Development LLC. All rights reserved.
Section I: Why AML is Still a Hot Topic?
Why is AML Still a Hot Topic?
AML compliance is still important:
• AML statutes and compliance are still an important tool the government has
in combating financial crimes, and the war against terrorism
• Large financial institutions continue to face enforcement actions related to
requirements of BSA
• In the wake of the financial crisis, some banks reduced staff and spending on
AML compliance as part of their austerity measures
• As large banks improve BSA/AML compliance and exit higher risk
businesses, money launderers are migrating to mid-sized and smaller banks
There has been a clear increase in regulatory enforcement actions:
• In the last 5 years, the Federal Reserve has issued 113 enforcement actions
related to BSA and OFAC compliance, including 25 public cease and desist
orders and written agreements
• With these recent actions, the Federal Reserve has assessed hundreds of
millions of dollars in penalties - subject to these actions are large and small,
domestic and foreign institutions
http://www.federalreserve.gov/newsevents/testimony/powell20130307a.htm
-4Copyright © 2014 Deloitte Development LLC. All rights reserved.
Recent Enforcement Actions, Investigations, and Fines Proliferate
•
A federal jury in the Eastern District of New York ruled in favor of a
group of 297 individual plaintiffs in a civil suit accusing a foreign
bank, headquartered in the Middle East, of terrorist financing
•
A former chief compliance officer of a major money-transfer
company was investigated by FinCEN for suspected lapses in the
firms AML oversight
•
The OCC assessed a $350 million civil money penalty against a
major bank for widespread deficiencies in the bank’s BSA/AML
compliance programs with respect to suspicious activity reporting,
monitoring of transactions, internal controls and independent
testing, and other matters
•
•
FINCEN and the DOJ have begun to focus on major casinos
Within recent years there have been several cases involving fines
and penalties exceeding $50 million for violations of the BSA
Sept, 2014
May, 2014
Jan, 2014
Aug, 2013 –
Nov, 2014
-5Copyright © 2014 Deloitte Development LLC. All rights reserved.
Section II: Setting the Tone at the Top
“For the culture of compliance to be strong within an institution, the business
side of the organization needs to take AML controls seriously. And it needs to
begin with the institution’s leadership.”
- Jennifer Shasky-Calvery, Director of FINCEN
Corporate Governance
In March 2013, at a testimony before the Committee on Banking, Housing, and Urban
Affairs of the U.S. Senate, Thomas Curry, Comptroller of the Currency identified the
following as a part of the causes of a breakdowns in the fundamentals and mechanics of
sound management of operational risk for BSA/AML programs:
•
lack of strong corporate governance principles necessary to create a “culture of
compliance” within the organization.
•
lack of sufficient staffing, high turnover rates, and cutbacks in the compliance area as
common factors that have impeded the effectiveness of banks’ BSA/AML programs
On Aug. 11, 2014, FinCEN highlights the importance of maintaining a strong culture of
BSA/AML compliance for senior management, leadership and owners of all financial
institutions – regardless of size or industry sector. Shortcomings identified in recent AML
enforcement actions include:
•
its leadership actively supports and understands compliance efforts
•
efforts to manage and mitigate BSA/AML deficiencies and risks are not compromised
by revenue interests
•
the compliance program is effective by, among other things, ensuring that it is tested
by an independent and competent party
-7Copyright © 2014 Deloitte Development LLC. All rights reserved.
Personal Liability
Regulators have begun identifying individuals who are responsible for
compliance programs and holding them personally liable for deficiencies
Aug, 2014 FinCEN will
look for more
opportunities to penalize
partners, directors,
officers and employees
of financial institutions
who themselves actively
participate in
misconduct
FDIC has been using
the Financial Institutions
Reform Recovery
Enforcement Act to seek
recovery from directors
and officers of failed
financial institutions
-8-
Sept. 2014 Brad
Bennett FINRA Exec
V.P., said, chief
compliance officers are
assigned specific
responsibilities in areas
that present substantial
risks to investors, and
those who fall short will
be held accountable
Personal Liability - Recent Enforcement
FINRA
SEC
OCC
Former Global AML Compliance Officer at a major private bank was
personally fined $25,000 and suspended for one month, while the
bank was assessed a fine of $8 million
In an action against an investment adviser for failure to comply
with custody rules, the SEC pursued the firm, and alleged that
the CCO failed to take necessary steps to ensure that the firm
complied with the required custody rules
The Director and Chairman of the Board and the former
President/CEO of a bank in Miami, FL, each assessed a civil
money penalty for failing to take necessary actions to ensure
compliance with a 2005 Consent Order
-9-
Corporate Monitors
Benjamin Lawksy, New York’s superintendent of financial services is
planning to increase the scrutiny of banks and other firms operating in
New York by increasing the use of Corporate Monitors
• A compliance monitor or consultant is a creation of the last decade
• When a corporation accused of wrongdoing agrees to settle the
charges or is sentenced to probation, it is often required to pay for a
monitor to ensure that it does not break the law again
• The corporate monitor is to supervise the compliance procedures of
the company as well as beef them up
To-date Lawsky’s office has implemented the use of monitors at 7
financial institutions, and the trend only seems to be growing as Lawsky
was quoted as saying “this has been a great process,” and “the monitor
has skills we [Dept. of financial services] don’t”
-10http://online.wsj.com/articles/regulator-wants-greater-use-of-bank-monitors-1415231857
Corporate Backsliders
Regulators are Reopening Cases
The Wall Street equivalent of a parole violation: Just two years after
avoiding prosecution for a variety of crimes, some of the world’s biggest
banks are suspected of having broken their promises to behave
• Recently prosecutors have begun questioning whether a major
British bank failed to disclose the extent of its wrongdoing to the
government, imperiling the bank’s earlier settlement
• New York State’s banking regulator is taking a fresh look at old
cases, reopening settlements, and in some cases they will impose a
financial penalty that was larger than the previous assessed amount,
and other cases they may consider additional fines and penalties and
replacing Deferred Prosecution Agreements with actual prison
sentences
-11-
Section III: Enhancing the Internal Audit Process
Significance of the Internal Auditors
Regulators are looking to internal audit as the third and final line of
defense to detect irregularities within an organization’s BSA/AML and
other compliance programs while also providing assurance that the first
two lines of defense are effective.
3 Lines of Defense
Business
Operations
Oversight
Functions
Internal Audits
https://na.theiia.org/standards-guidance/mandatory-guidance/Pages/Definition-of-Internal-Auditing.aspx
-13-
Strengthening The Compliance Culture
Advisory to U.S. Financial Institutions Promoting a Culture of Compliance
August 11, 2014 FIN-2014-A007
Internal Auditor, CCOs, and CROs can help strengthen a BSA/AML
compliance culture by ensuring that:
• leadership actively supports and understands compliance efforts
• efforts to manage and mitigate BSA/AML deficiencies and risks are
not compromised
• relevant information from the various departments within the
organization is shared with compliance staff to further BSA/AML
efforts
• the institution devotes adequate resources to its compliance function
• the compliance program is effective by, among other things, ensuring
that it is tested by an independent and competent party
• its leadership and staff understand the purpose of its BSA/AML
efforts and how its reporting is used
-14-14-
Strengthening Audit Programs
In order to strengthen internal audit programs, internal auditors should:
• have comprehensive knowledge and understanding of BSA/AML
regulations
• attend external BSA/AML trainings
• have AML certification
• independently stay current on industry-leading practices, emerging
regulatory expectations, and enforcement actions
• employ data analytics for testing of AML related technology (e.g.,
transaction monitoring, sanctions screening, model validation)
-15-
Common Program Weaknesses Requiring IA’s Attention
• Insufficient resources dedicated to compliance
• Risk Assessment lacks quantitative analysis and support
• Inadequate KYC procedures, including limited view of entire
customer relationship
• Employees, Board and management have not received relevant and
targeted AML compliance training
• Inexperienced compliance staff
• Inadequate program status reporting to the Board and management
• Failure to identify and periodically monitor high risk accounts or
activity
• Suspicious activity investigations not properly documented
• AML systems and supporting technology not stress tested
• Failure to file timely and accurate required regulatory reports
-16-
Section IV: Questions and Answers
Contact Information
Deloitte Transactions and
Business Analytics LLP
555 12th St NW Ste 500
Washington, DC 20004-1207
USA
Frederick Curry
Principal
Global Anti-Money Laundering and
Sanctions Practice
Tel +1 202 378 5171
Fax +1 202 661 1371
[email protected]
www.deloitte.com
-18Copyright © 2014 Deloitte Development LLC. All rights reserved.
.
About Deloitte
As used in this document, “Deloitte” means Deloitte Transactions and Business Analytics LLP, an affiliate of Deloitte Financial Advisory Services
LLP. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see www.deloitte.com/us/about for a
detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the
rules and regulations of public accounting.
Copyright © 2014 Deloitte Development LLC. All rights reserved.