Leading Practices Challenges Facing Todays Financial Industries Practitioners

1
Leading Practices Challenges Facing Todays
Financial Industries Practitioners
María de Lourdes Jiménez, Esq. Corporate
Compliance Director Senior Vice President
2
Leading Practices Challenges Facing Todays
Financial Industries Practitioners
Enterprise-Wide Risk Assessment Program
Policy Procedures
Independent Review
Training
Compliance Function
3
Enterprise Wide-ProgramCorporate Governance

• Board of Directors have to understand the
  framework of risk-focused supervision and to
  govern accordingly. This applies to AML and
  terrorist financing. AML is about these risk
  areas
• Reputational
• Compliance
• Operational
• Strategic
• Board should have an adequate AML training and
  awareness, documented discussions, understanding
  of the risk to the enterprise, employees, and to
  themselves.

4
Enterprise Wide-Program Corporate Governance

• Recommended
• It is a leading practice for the Board Audit
  Committee, Board Risk Management Committee, or
  the Board AML Committee govern AML and to receive
  periodic reports and approve or ratify policy
  changes.
• The Board Committee should recommend policy,
  including risk tolerance policy, to the full
  Board, and the full Board should consider and act
  on the recommendations when periodically
  reviewing the program.
• At least once a year.

5
Enterprise Wide-Risk Assessment Matrix

• Policies and Procedures
• Financial institutions must evaluate
• Money laundering risks associated with each
  existing business.
• If their business policies and procedures are
  sufficient to accommodate the identified risks.
• Programs should be aligned with industry best
  practices.
• Four levels of program documentation
• Board approved policy framework
• Enterprise wide guidance and standards
• Robust implementing AML policies and procedures.
• Records documenting actions planned taken and
  communication.

6
Enterprise Wide-Risk Assessment Matrix

• Risk assessment shall be designed to mitigate the
  AML risks on an enterprise-wide basis.
• Major focus
• Increase risk assessment efforts on those who fit
  a high-risk profile.
• Correspondent banking with foreign banks
  considered high risk.

7
Enterprise Wide-Risk Assessment Matrix

• Policies and Procedures
• Challenges
• Reaching out and engaging the different
  businesses, products and services, and the
  support areas of consequence, and not just
  conventional banking.
• Developing and articulating risk typologies and
  risk criteria, and then measuring or scoring
  customers, other parties, products, services,
  geographies, and distribution.

8
Enterprise Wide-Risk Assessment Matrix

• Policies and Procedures
• Challenges
• Respond, tracking, managing, and reporting the
  risk information
• Continuously improving, sustaining and validating
  the process.

9
Proactive Monitoring

• Tailor all reports to monitor unusual or
  suspicious transactions.
• Conduct periodic audits and involve adequate
  transaction testing to determine the
  effectiveness of the Program.
• Audit Program shall use risk analysis
  methodology.
• Exceptions must be corrected promptly.

10
AML Training

• Why is training important?
• Learning/Training are the keys to establishing a
  culture of compliance.
• All employees must be trained on the policies and
  related procedures before dealing with customers.
• Validate knowledge or weaknesses of the training
  participants (test).

11
AML Training

• AML Training function duties and
  responsibilities
• Must establish controls, coordination, design and
  support to all AML training efforts of the
  corporation.
• Satisfy the training needs, identified during the
  on-going evaluation of the process and statutory
  requirements, including OFAC regulations and USA
  PATRIOT Act provisions as they apply to our
  different financial services, its subsidiaries
  and applicable affiliates

12
AML Training

• AML training goals and objectives
• Tailor your training needs based on audience or
  business functions.
• Incorporate in the BSA/AML training program all
  the applicable areas of the USA PATRIOT Act and
  its related regulations.
• Establish procedures to account for
  recommendations received from Internal Audit
  Division in order to ascertain that action is
  taken on a timely basis.

13
Compliance Function

• Ensure there are enough resources to effectively
  manage the program.
• The compliance officer should have full access or
  be part of the Senior Management team.
• Responsibilities should be carried out under a
  compliance program.

14
Compliance Function

• Depends on the complexity of the structure of
  your Institution.
• Must be independent and have a formal status
  within the bank.
• Staff must be knowledgeable and experienced.
• Empowered to develop and implement changes.

15
Compliance Function

• The compliance officer should have full access or
  be part of Senior Management.
• Leading Practice
• Large, complex corporations should create a
  Corporate Chief Compliance Officer position, in
  order to ensure consistency in all entities.

16
Independent Review

• Ensure audit program considers all high-risk
  methodology elements.
• Determine the rule-based and/or the risk-based
  approach.
• Be proactive in resolving business issues on
  compliance.

17
Independent Review

• Align your monitoring review process to
  examiners.
• Leading practice
• Create a monitoring review group in the
  Compliance Department.

18
Monitoring Group Methodology
19
Areas to Watch

• OFAC How much should you review?
• Verify if all policies and procedures across the
  different business in the corporation are in
  place to comply with OFAC regulations.
• Ensure that all existing accounts suppliers, real
  estate, corporation employees, landlords, etc.,
  are checked regularly against the existing OFAC
  sanction lists.

20
Areas to Watch

• OFAC How much should you review? (Cont.)
• Consider that OFAC applies to all transactions
  performed by the corporation.
• Automate the access and updates to the OFAC SDN
  lists of suspected terrorist and those engaged in
  illicit activities.

21
Areas to Watch

• OFAC How much should you review?
• To perform an accurate automated screening
  process make sure you storage information related
  to the customer considering all financial
  relationship, address, points of contacts and
  others.

22
Areas to Watch

• Managing USA PATRIOT Act
• Beyond the traditional Branch business, we must
  ensure an integration or validation of each
  section of Title III to other processes,
  businesses or products such as
• Suspicious Activity reporting for security
  brokers dealers.
• Prohibitions/requirements for accounts for
  foreign banks.
• Enhanced due diligence for foreign bank
  correspondent accounts.
• Enhanced due diligence for foreign private
  banking clients.
• Managing 314 (a b)