SlideShare a Scribd company logo

Treliant_IndustryAdvisory_AML_DFS_Dec2015

S
Steven Reback
1 of 4
Download to read offline
INDUSTRY ADVISORY FROM treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX New York DFS Aims to Ratchet up december 2015 AML Provisions Under new regulations proposed by the New York State Department of Financial Services (DFS), regulated financial institutions would be required to expand and intensify their anti-money laundering (AML) and counter-terrorist financing protections. The proposed regulations are more comprehensive and specific than current requirements stated by the Financial Crimes Enforcement Network (FinCEN), Office of Foreign Assets Control (OFAC), or the Federal Financial Institutions Examination Council (FFIEC) and may impose significant new burdens on banks licensed in the State of New York as well as international institutions with branches or agencies in New York. The new regulations also require institutions to annually certify compliance with the new requirements, and may impose criminal liability on individual officers who file false or incorrect certifications. This Industry Advisory summarizes the key requirements for a Transaction Monitoring and Filtering Program and its two components—the Transaction Monitoring Program and Watch List Filtering Program. Background and Implications On December 1, the DFS proposed new AML and counter-terrorist financing regulations regarding transaction monitoring and sanctions filtering program requirements and certifications. Stating that “Money is the fuel that feeds the fire of international terrorism,” Governor Andrew M. Cuomo described the important roles that banks and regulators play in combating terrorism and financial crime. “Global terrorist networks simply cannot thrive without moving significant amounts of money throughout the world. At a time of heightened global security concerns, it is especially vital that banks and regulators do everything they can to stop that flow of illicit funds.” The DFS seeks to address shortcomings in transaction monitoring and filtering programs that have emerged as a result of recent investigations, noting a lack of robust governance, oversight, and accountability at the senior levels of some institutions. The Department also expressed concern over the effectiveness of programs currently implemented to monitor suspicious activity and interdict transactions involving sanctioned persons and entities listed by OFAC, as well as on registers of politically exposed persons (PEPs) and other internal and external watch lists. Accordingly, the proposed regulations will clarify the required attributes of a Transaction Monitoring and Filtering Program, require a Certifying Senior Officer, and mandate Annual Certifications. Significantly, the DFS may impose criminal liability on Certifying Senior Officers who file incorrect or false Annual Certifications. ThenewregulationswouldrequireallfinancialinstitutionsregulatedbytheDFStomaintainaTransactionMonitoring Program and Watch List Filtering Program (collectively, a Transaction Monitoring and Filtering Program) with specific characteristics, including comprehensive risk assessment, end-to-end pre- and post-implementation testing, easily understandable documentation, ongoing analysis, and training programs. Significantly, financial institutions would be prohibited from changing the parameters of the program in order to minimize filing of suspicious activity reports or because the institution does not have adequate resources to review all alerts generated.
INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX The proposed regulations would apply to bank regulated institutions including banks, trust companies, private bankers, savings banks, and savings and loan associations chartered in New York. It would also cover all branches and agencies of foreign banking corporations licensed to conduct banking operations in New York, as well as nonbank regulated institutions including check cashers and money transmitters. Each institution’s Transaction Monitoring Program and Watch List Filtering Program would need to be based on ongoing comprehensive risk assessment, including an enterprise-wide Bank Secrecy Act/anti-money laundering (BSA/AML) risk assessment that takes into account the institution’s size, businesses, services, products, operations, customers, counterparties, and the geographies and locations of its operations and business relations. Transaction Monitoring Program Requirements The Transaction Monitoring Program may be manual or automated, but must: • Reflect current BSA/AML laws, regulations, and alerts, and consider other relevant information including “know your customer” due diligence and enhanced due diligence, as well as information obtained from security, investigations, and fraud prevention; • Map BSA/AML risks to the institution’s businesses, products, services, customers, and counterparties; • Use detection scenarios that are based on the institution’s risk assessment, with threshold values and amounts set to detect money laundering and other suspicious activity; • Include an end-to-end, pre- and post-implementation testing of the Transaction Monitoring Program, including governance, data mapping, transaction coding, detection scenario logic, model validation, data input, and program output, as well as periodic testing; • Include easily understandable documentation articulating the institution’s current detection scenarios and underlying assumptions, parameters, and thresholds; • Include investigative protocols detailing procedures and processes by which transaction monitoring alerts will be investigated, the process for deciding which alerts will result in filings or other action, who is responsible for filing and other decisions, and documentation of investigations and the decision- making process; and • Be subject to ongoing analysis to assess continued relevancy of detection scenarios, underlying rules, threshold values, parameters, and assumptions. Watch List Filtering Program Requirements The Watch List Filtering Program must be capable of interdicting transactions prohibited by OFAC and other sanctions requirements before their execution. It may be manual or automated, but must: • Be based on technology or tools for matching names and accounts (including, as necessary, “fuzzy logic” or culture-based name conventions) based on the institution’s particular risks, transaction types, and product profiles;
INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX • Include an end-to-end, pre- and post-implementation testing of the Watch List Filtering Program, including data mapping, an evaluation of whether the watch lists and threshold settings map to the institution’s particular risks, the logic of matching technology or tools, model validation, data input, and Watch List Filtering Program output; • Incorporate watch lists that reflect current legal or regulatory requirements; • Be subject to ongoing analysis to assess the logic and performance of the technology or tools for matching names and accounts, as well as the watch lists and threshold settings used to ensure that they continue to map to the risks of the institution; and • Include easily understandable documentation that articulates the intent and design of the program tools or technology. Overall Transaction Monitoring and Filtering Program Requirements The two programs collectively must: • Identify all data sources that contain relevant data; • Validate the integrity, accuracy, and quality of data to ensure the accuracy and completeness of data flowing through the programs; • Ensure complete and accurate transfer of data from its sources to automated systems, if automated systems are used; • Require governance and management oversight, including policies and procedures governing changes to the programs such that all changes are defined, managed, controlled, reported, and audited; • Require vendor selection processes if a third party vendor is used to acquire, install, implement, or test any aspect of the Transaction Monitoring and Filtering Program; • Be adequately funded to ensure design, implementation, and maintenance of programs that are compliant with the proposed regulations; • Designate qualified internal personnel or external consultants to be responsible for the design, planning, implementation, operation, testing, validation, and ongoing analysis of the program, including automated systems if applicable, as well as case management, review, and decision-making with regard to generated alerts and potential filings; and • Provide for periodic training of all stakeholders with regard to the Transaction Monitoring and Filtering Program. Special note should be taken of the prohibition against making changes or alterations to the Transaction Monitoring and Filtering Program to avoid or minimize the number of suspicious activity reports filed, or because the institution does not have the resources to review the number of alerts generated by the required programs, or to otherwise avoid compliance with regulatory requirements.
INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX © December 2015 Treliant Risk Advisors, LLC. F1215 Each year, the Certifying Senior Officer, generally be the institution’s chief compliance officer or functional equivalent, must execute an Annual Certification in the form prescribed by the DFS, certifying that the Transaction Monitoring and Filtering Program complies with DFS requirements. An officer filing an incorrect or false Annual Certification may be subject to criminal penalties. Following the proposed regulation’s publication in the New York State Register, there will be a 45-day notice and comment period. The regulation is expected to apply to all State fiscal years beginning on April 1, 2016. This Advisory was provided by Steven M. Reback Steven Reback, Director with Treliant Risk Advisors, assists clients with a wide range of regulatory, Anti-Money Laundering (AML), and compliance concerns. He can be reached at sreback@treliant.com. Treliant Risk Advisors releases an Industry Advisory as pertinent issues affecting the financial services industry arise. To subscribe to Treliant’s Industry Advisory and Treliant’s quarterly newsletter, New Coordinates, please Contact Us at www.treliant.com/Contact-Us.

Recommended

Treliant_IndustryAdvisory NY DFS Final Regulation_September2016
Treliant_IndustryAdvisory NY DFS Final Regulation_September2016Treliant_IndustryAdvisory NY DFS Final Regulation_September2016
Treliant_IndustryAdvisory NY DFS Final Regulation_September2016Steven Reback
 
CRISIL ACAMS Las Vegas 2016 Alan Paris
CRISIL ACAMS Las Vegas 2016 Alan ParisCRISIL ACAMS Las Vegas 2016 Alan Paris
CRISIL ACAMS Las Vegas 2016 Alan ParisAlan Paris, CAMS
 
The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
 
Crowe AML Model Risk Management Whitepaper
Crowe AML Model Risk Management WhitepaperCrowe AML Model Risk Management Whitepaper
Crowe AML Model Risk Management WhitepaperBrett Rosynek
 
Audit bab1 sem 6- Audit Approach
Audit bab1 sem 6- Audit ApproachAudit bab1 sem 6- Audit Approach
Audit bab1 sem 6- Audit ApproachNur Dalila Zamri
 
The internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentThe internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentMohammad Wahid Abdullah Khan
 
Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Mohammad Wahid Abdullah Khan
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologySalih Islam
 

Recommended

Treliant_IndustryAdvisory NY DFS Final Regulation_September2016
Treliant_IndustryAdvisory NY DFS Final Regulation_September2016Treliant_IndustryAdvisory NY DFS Final Regulation_September2016
Treliant_IndustryAdvisory NY DFS Final Regulation_September2016Steven Reback
 
CRISIL ACAMS Las Vegas 2016 Alan Paris
CRISIL ACAMS Las Vegas 2016 Alan ParisCRISIL ACAMS Las Vegas 2016 Alan Paris
CRISIL ACAMS Las Vegas 2016 Alan ParisAlan Paris, CAMS
 
The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...The role of Operational and Performance-based Auditing on Government and the ...
The role of Operational and Performance-based Auditing on Government and the ...paul young cpa, cga
 
Crowe AML Model Risk Management Whitepaper
Crowe AML Model Risk Management WhitepaperCrowe AML Model Risk Management Whitepaper
Crowe AML Model Risk Management WhitepaperBrett Rosynek
 
Audit bab1 sem 6- Audit Approach
Audit bab1 sem 6- Audit ApproachAudit bab1 sem 6- Audit Approach
Audit bab1 sem 6- Audit ApproachNur Dalila Zamri
 
The internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentThe internal audit compliance designed to relevant audit assessment
The internal audit compliance designed to relevant audit assessmentMohammad Wahid Abdullah Khan
 
Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Wahid techniques – the significance and dependability manner for performance ...
Wahid techniques – the significance and dependability manner for performance ...Mohammad Wahid Abdullah Khan
 
Internal Audit Methodology
Internal Audit MethodologyInternal Audit Methodology
Internal Audit MethodologySalih Islam
 
Jzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lectureJzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lecturecasahiljain1992
 
Compliance audit
Compliance auditCompliance audit
Compliance auditEmma Yaks
 
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance ProgramRevisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance ProgramRachel Hamilton
 
04 Audit documentation
04 Audit documentation 04 Audit documentation
04 Audit documentation CA. (Dr.) Rajkumar Adukia
 
Audit plan and program
Audit plan and programAudit plan and program
Audit plan and programcasahiljain1992
 
Audit & compliance
Audit & complianceAudit & compliance
Audit & complianceGDE Coaching - Jean Noel Macaque
 
GP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetGP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetMarco Villacorta Olano
 
Presentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of AuditPresentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of AuditMarzanur Rahman
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
SafePaaS AuditPaaS
SafePaaS AuditPaaS SafePaaS AuditPaaS
SafePaaS AuditPaaS Jane Jones
 
ISA 520 Analytical Procedures
ISA 520 Analytical ProceduresISA 520 Analytical Procedures
ISA 520 Analytical ProceduresSazzad Hossain, ITP, MBA, CSCA™
 
Presentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationPresentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationMarzanur Rahman
 
Significance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAsSignificance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAsAML Audit
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal audit ( pdf drive )
Internal audit ( pdf drive )Internal audit ( pdf drive )
Internal audit ( pdf drive )TaDo8
 
T8 Notes
T8 NotesT8 Notes
T8 NotesSam Eath Sek
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 
Audit evidence
Audit evidenceAudit evidence
Audit evidenceDessalegn Maru
 
Seven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsSeven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsMaria Macri
 
Compliance assessor brochure
Compliance assessor brochureCompliance assessor brochure
Compliance assessor brochureLombard Risk Management
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programmeSILO Compliance Systems
 
No Choice But to Comply - FATCA
No Choice But to Comply - FATCA No Choice But to Comply - FATCA
No Choice But to Comply - FATCAThinksoft Global
 

More Related Content

What's hot

Jzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lectureJzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lecturecasahiljain1992
 
Compliance audit
Compliance auditCompliance audit
Compliance auditEmma Yaks
 
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance ProgramRevisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance ProgramRachel Hamilton
 
GP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetGP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetMarco Villacorta Olano
 
Presentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of AuditPresentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of AuditMarzanur Rahman
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
SafePaaS AuditPaaS
SafePaaS AuditPaaS SafePaaS AuditPaaS
SafePaaS AuditPaaS Jane Jones
 
Presentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationPresentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationMarzanur Rahman
 
Significance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAsSignificance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAsAML Audit
 
Internal control system
Internal control systemInternal control system
Internal control systemMadiha Hassan
 
Internal audit ( pdf drive )
Internal audit ( pdf drive )Internal audit ( pdf drive )
Internal audit ( pdf drive )TaDo8
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessmentcasahiljain1992
 

What's hot (18)

Jzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lectureJzanzig auditing ch 13 lecture
Jzanzig auditing ch 13 lecture
 
Compliance audit
Compliance auditCompliance audit
Compliance audit
 
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance ProgramRevisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
Revisiting the Four Pillars Supporting an Effective BSA/AML Compliance Program
 
04 Audit documentation
04 Audit documentation 04 Audit documentation
04 Audit documentation
 
Audit plan and program
Audit plan and programAudit plan and program
Audit plan and program
 
Audit & compliance
Audit & complianceAudit & compliance
Audit & compliance
 
GP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheetGP_for_Third_Party_Anti-Corruption_product_sheet
GP_for_Third_Party_Anti-Corruption_product_sheet
 
Presentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of AuditPresentation 1 - Different Stages of Audit
Presentation 1 - Different Stages of Audit
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling Techniques
 
SafePaaS AuditPaaS
SafePaaS AuditPaaS SafePaaS AuditPaaS
SafePaaS AuditPaaS
 
ISA 520 Analytical Procedures
ISA 520 Analytical ProceduresISA 520 Analytical Procedures
ISA 520 Analytical Procedures
 
Presentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control EvaluationPresentation 2 - Planning and Internal Control Evaluation
Presentation 2 - Planning and Internal Control Evaluation
 
Significance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAsSignificance of a Robust AML Risk Assessment Process for FIs and RIAs
Significance of a Robust AML Risk Assessment Process for FIs and RIAs
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Internal audit ( pdf drive )
Internal audit ( pdf drive )Internal audit ( pdf drive )
Internal audit ( pdf drive )
 
T8 Notes
T8 NotesT8 Notes
T8 Notes
 
Audit planning and risk assessment
Audit planning and risk assessmentAudit planning and risk assessment
Audit planning and risk assessment
 
Audit evidence
Audit evidenceAudit evidence
Audit evidence
 

Similar to Treliant_IndustryAdvisory_AML_DFS_Dec2015

Seven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsSeven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsMaria Macri
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programmeSILO Compliance Systems
 
No Choice But to Comply - FATCA
No Choice But to Comply - FATCA No Choice But to Comply - FATCA
No Choice But to Comply - FATCAThinksoft Global
 
Quality management specialist
Quality management specialistQuality management specialist
Quality management specialistselinasimpson1001
 
GP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetGP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetMarco Villacorta Olano
 
Sample audit plan
Sample audit planSample audit plan
Sample audit planMaher Manan
 
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...cveiga12
 
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...cveiga12
 
Risk and controls cv
Risk and controls cvRisk and controls cv
Risk and controls cvDior Ndiaye
 
CFPB-Compliance360_Datasheet
CFPB-Compliance360_DatasheetCFPB-Compliance360_Datasheet
CFPB-Compliance360_DatasheetGeoff Griffith
 
Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Thinksoft Global
 
Goldman Sachs Investor Presentation Deck Oct 2007.pdf
Goldman Sachs Investor Presentation Deck Oct 2007.pdfGoldman Sachs Investor Presentation Deck Oct 2007.pdf
Goldman Sachs Investor Presentation Deck Oct 2007.pdfBryann Alexandros
 
AuditPaaS SafePaaS
AuditPaaS SafePaaSAuditPaaS SafePaaS
AuditPaaS SafePaaSEmma Kelly
 
SafepaaS AuditPaaS
SafepaaS AuditPaaSSafepaaS AuditPaaS
SafepaaS AuditPaaSJane Jones
 
AuditPaas by SafePaaS
AuditPaas by SafePaaSAuditPaas by SafePaaS
AuditPaas by SafePaaSJane Jones
 
Auditing Systems Development
Auditing Systems DevelopmentAuditing Systems Development
Auditing Systems Developmentessbaih
 
FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1Sudip Chatterjee
 
Fiserv FCRM Platform Brochure
Fiserv FCRM Platform BrochureFiserv FCRM Platform Brochure
Fiserv FCRM Platform BrochurePaul Stabile
 

Similar to Treliant_IndustryAdvisory_AML_DFS_Dec2015 (20)

Seven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance ProgramsSeven Elements Of Effective Compliance Programs
Seven Elements Of Effective Compliance Programs
 
Compliance assessor brochure
Compliance assessor brochureCompliance assessor brochure
Compliance assessor brochure
 
5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme5 steps to a comprehensive aml programme
5 steps to a comprehensive aml programme
 
No Choice But to Comply - FATCA
No Choice But to Comply - FATCA No Choice But to Comply - FATCA
No Choice But to Comply - FATCA
 
Quality management specialist
Quality management specialistQuality management specialist
Quality management specialist
 
GP for Regulatory Management Product Sheet
GP for Regulatory Management Product SheetGP for Regulatory Management Product Sheet
GP for Regulatory Management Product Sheet
 
Sample audit plan
Sample audit planSample audit plan
Sample audit plan
 
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
IIA GAM CS 8-5: Audit and Control of Continuous Monitoring Programs and Artif...
 
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
CS 8-5_Audit and Control of Continuous Monitoring Programs and Artificial Int...
 
Risk and controls cv
Risk and controls cvRisk and controls cv
Risk and controls cv
 
CFPB-Compliance360_Datasheet
CFPB-Compliance360_DatasheetCFPB-Compliance360_Datasheet
CFPB-Compliance360_Datasheet
 
Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)Testing for AML Compliance ( Case Study)
Testing for AML Compliance ( Case Study)
 
SMART-AML_A4.EN.ciq
SMART-AML_A4.EN.ciqSMART-AML_A4.EN.ciq
SMART-AML_A4.EN.ciq
 
Goldman Sachs Investor Presentation Deck Oct 2007.pdf
Goldman Sachs Investor Presentation Deck Oct 2007.pdfGoldman Sachs Investor Presentation Deck Oct 2007.pdf
Goldman Sachs Investor Presentation Deck Oct 2007.pdf
 
AuditPaaS SafePaaS
AuditPaaS SafePaaSAuditPaaS SafePaaS
AuditPaaS SafePaaS
 
SafepaaS AuditPaaS
SafepaaS AuditPaaSSafepaaS AuditPaaS
SafepaaS AuditPaaS
 
AuditPaas by SafePaaS
AuditPaas by SafePaaSAuditPaas by SafePaaS
AuditPaas by SafePaaS
 
Auditing Systems Development
Auditing Systems DevelopmentAuditing Systems Development
Auditing Systems Development
 
FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1FS_StressTestingCapitalPlanning_BR_1213 v1
FS_StressTestingCapitalPlanning_BR_1213 v1
 
Fiserv FCRM Platform Brochure
Fiserv FCRM Platform BrochureFiserv FCRM Platform Brochure
Fiserv FCRM Platform Brochure
 

Treliant_IndustryAdvisory_AML_DFS_Dec2015

  • 1. INDUSTRY ADVISORY FROM treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX New York DFS Aims to Ratchet up december 2015 AML Provisions Under new regulations proposed by the New York State Department of Financial Services (DFS), regulated financial institutions would be required to expand and intensify their anti-money laundering (AML) and counter-terrorist financing protections. The proposed regulations are more comprehensive and specific than current requirements stated by the Financial Crimes Enforcement Network (FinCEN), Office of Foreign Assets Control (OFAC), or the Federal Financial Institutions Examination Council (FFIEC) and may impose significant new burdens on banks licensed in the State of New York as well as international institutions with branches or agencies in New York. The new regulations also require institutions to annually certify compliance with the new requirements, and may impose criminal liability on individual officers who file false or incorrect certifications. This Industry Advisory summarizes the key requirements for a Transaction Monitoring and Filtering Program and its two components—the Transaction Monitoring Program and Watch List Filtering Program. Background and Implications On December 1, the DFS proposed new AML and counter-terrorist financing regulations regarding transaction monitoring and sanctions filtering program requirements and certifications. Stating that “Money is the fuel that feeds the fire of international terrorism,” Governor Andrew M. Cuomo described the important roles that banks and regulators play in combating terrorism and financial crime. “Global terrorist networks simply cannot thrive without moving significant amounts of money throughout the world. At a time of heightened global security concerns, it is especially vital that banks and regulators do everything they can to stop that flow of illicit funds.” The DFS seeks to address shortcomings in transaction monitoring and filtering programs that have emerged as a result of recent investigations, noting a lack of robust governance, oversight, and accountability at the senior levels of some institutions. The Department also expressed concern over the effectiveness of programs currently implemented to monitor suspicious activity and interdict transactions involving sanctioned persons and entities listed by OFAC, as well as on registers of politically exposed persons (PEPs) and other internal and external watch lists. Accordingly, the proposed regulations will clarify the required attributes of a Transaction Monitoring and Filtering Program, require a Certifying Senior Officer, and mandate Annual Certifications. Significantly, the DFS may impose criminal liability on Certifying Senior Officers who file incorrect or false Annual Certifications. ThenewregulationswouldrequireallfinancialinstitutionsregulatedbytheDFStomaintainaTransactionMonitoring Program and Watch List Filtering Program (collectively, a Transaction Monitoring and Filtering Program) with specific characteristics, including comprehensive risk assessment, end-to-end pre- and post-implementation testing, easily understandable documentation, ongoing analysis, and training programs. Significantly, financial institutions would be prohibited from changing the parameters of the program in order to minimize filing of suspicious activity reports or because the institution does not have adequate resources to review all alerts generated.
  • 2. INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX The proposed regulations would apply to bank regulated institutions including banks, trust companies, private bankers, savings banks, and savings and loan associations chartered in New York. It would also cover all branches and agencies of foreign banking corporations licensed to conduct banking operations in New York, as well as nonbank regulated institutions including check cashers and money transmitters. Each institution’s Transaction Monitoring Program and Watch List Filtering Program would need to be based on ongoing comprehensive risk assessment, including an enterprise-wide Bank Secrecy Act/anti-money laundering (BSA/AML) risk assessment that takes into account the institution’s size, businesses, services, products, operations, customers, counterparties, and the geographies and locations of its operations and business relations. Transaction Monitoring Program Requirements The Transaction Monitoring Program may be manual or automated, but must: • Reflect current BSA/AML laws, regulations, and alerts, and consider other relevant information including “know your customer” due diligence and enhanced due diligence, as well as information obtained from security, investigations, and fraud prevention; • Map BSA/AML risks to the institution’s businesses, products, services, customers, and counterparties; • Use detection scenarios that are based on the institution’s risk assessment, with threshold values and amounts set to detect money laundering and other suspicious activity; • Include an end-to-end, pre- and post-implementation testing of the Transaction Monitoring Program, including governance, data mapping, transaction coding, detection scenario logic, model validation, data input, and program output, as well as periodic testing; • Include easily understandable documentation articulating the institution’s current detection scenarios and underlying assumptions, parameters, and thresholds; • Include investigative protocols detailing procedures and processes by which transaction monitoring alerts will be investigated, the process for deciding which alerts will result in filings or other action, who is responsible for filing and other decisions, and documentation of investigations and the decision- making process; and • Be subject to ongoing analysis to assess continued relevancy of detection scenarios, underlying rules, threshold values, parameters, and assumptions. Watch List Filtering Program Requirements The Watch List Filtering Program must be capable of interdicting transactions prohibited by OFAC and other sanctions requirements before their execution. It may be manual or automated, but must: • Be based on technology or tools for matching names and accounts (including, as necessary, “fuzzy logic” or culture-based name conventions) based on the institution’s particular risks, transaction types, and product profiles;
  • 3. INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX • Include an end-to-end, pre- and post-implementation testing of the Watch List Filtering Program, including data mapping, an evaluation of whether the watch lists and threshold settings map to the institution’s particular risks, the logic of matching technology or tools, model validation, data input, and Watch List Filtering Program output; • Incorporate watch lists that reflect current legal or regulatory requirements; • Be subject to ongoing analysis to assess the logic and performance of the technology or tools for matching names and accounts, as well as the watch lists and threshold settings used to ensure that they continue to map to the risks of the institution; and • Include easily understandable documentation that articulates the intent and design of the program tools or technology. Overall Transaction Monitoring and Filtering Program Requirements The two programs collectively must: • Identify all data sources that contain relevant data; • Validate the integrity, accuracy, and quality of data to ensure the accuracy and completeness of data flowing through the programs; • Ensure complete and accurate transfer of data from its sources to automated systems, if automated systems are used; • Require governance and management oversight, including policies and procedures governing changes to the programs such that all changes are defined, managed, controlled, reported, and audited; • Require vendor selection processes if a third party vendor is used to acquire, install, implement, or test any aspect of the Transaction Monitoring and Filtering Program; • Be adequately funded to ensure design, implementation, and maintenance of programs that are compliant with the proposed regulations; • Designate qualified internal personnel or external consultants to be responsible for the design, planning, implementation, operation, testing, validation, and ongoing analysis of the program, including automated systems if applicable, as well as case management, review, and decision-making with regard to generated alerts and potential filings; and • Provide for periodic training of all stakeholders with regard to the Transaction Monitoring and Filtering Program. Special note should be taken of the prohibition against making changes or alterations to the Transaction Monitoring and Filtering Program to avoid or minimize the number of suspicious activity reports filed, or because the institution does not have the resources to review the number of alerts generated by the required programs, or to otherwise avoid compliance with regulatory requirements.
  • 4. INDUSTRY ADVISORY (CONTINUED) treliant.com WASHINGTON, DC • NEW YORK, NY • DALLAS, TX © December 2015 Treliant Risk Advisors, LLC. F1215 Each year, the Certifying Senior Officer, generally be the institution’s chief compliance officer or functional equivalent, must execute an Annual Certification in the form prescribed by the DFS, certifying that the Transaction Monitoring and Filtering Program complies with DFS requirements. An officer filing an incorrect or false Annual Certification may be subject to criminal penalties. Following the proposed regulation’s publication in the New York State Register, there will be a 45-day notice and comment period. The regulation is expected to apply to all State fiscal years beginning on April 1, 2016. This Advisory was provided by Steven M. Reback Steven Reback, Director with Treliant Risk Advisors, assists clients with a wide range of regulatory, Anti-Money Laundering (AML), and compliance concerns. He can be reached at sreback@treliant.com. Treliant Risk Advisors releases an Industry Advisory as pertinent issues affecting the financial services industry arise. To subscribe to Treliant’s Industry Advisory and Treliant’s quarterly newsletter, New Coordinates, please Contact Us at www.treliant.com/Contact-Us.