How close are you to meeting the CDD rule implementation deadline?

A fifth and new rule was added to the existing BSA around July 2016. A year into it, most experts agree that you should be at least halfway to a complete implementation with the more stringent requirements already established in your processes.

If you find yourself behind on schedule, there’s still time to catch up. We’ve put together a timeline that you can adhere to in time for May 2018, and also discussed the advantages of incorporating automation into your CDD program.

The Four Pillars Of BSA

It is widely known that when the BSA, or the anti money laundering act USA was first passed, legislators promised that it would hardly create a dent in recruiting, training or operations budgets. Ask any C-suite executive today and (s)he will tell you exactly how wrong they were.

As it stands at the moment, there are four requirements for an effective BSA/AML program, though none quite so simple.

  • Development of internal policies, procedures, and related controls
  • Designation of a compliance officer
  • A thorough and ongoing training program
  • Independent review for compliance

These requirements have evolved over time after G7/G8 and G20 summits, and with over 180 countries signing up for rules set forth by the Financial Action Task Force (FATF).

The Fifth Pillar

Unfortunately, as evident in the Panama Papers – over 1 billion leaked documents incriminating wealthy and powerful individuals across the globe – the issue of money laundering is far from over. It has just become harder to spot.

To that end, the BSA put forth a new requirement in the month of July in 2016. All FIs would be required to update their Customer Identification Programs (CIPs) to include Beneficial Owner Verification (BOV). This has widely come to be known as the ‘fifth’ pillar of BSA or Customer Due Diligence (CDD).

Many organizations identify the implementation of CDD protocols as the most resource heavy AML program. The new requirement includes documentation of all owners of the account. Beneficiaries with more than 25% ownership of the company are considered owners. Regulators have gone so far as to specify that central CIP systems must be updated with all new information. Additionally, one person from the management team must be identified for the control prong of CDD implementation.

This marks a drastic shift in the attitude of regulators. By delving deeper into the nuances of ownership, the BSA has made it clear that a cursory attempt at thwarting malicious transactions is not enough. FIs have to show that every effort was taken when preparing SARs. One consolation is that certification of ownership and person in the control prong is sufficient as regulators understand that beneficiaries could be overseas and original documents unavailable.

With a rapidly approaching deadline in May 2018, we’ve put together a timeline that will help FIs achieve this target.

Wouldn’t It Be Easier To Automate Compliance?

One of the quickest way to reach 100% compliance with FinCEN regulations is through automation. While not all aspects of compliance can be automated, machine intervention can rapidly and greatly decrease the time cost of certain functions.

For example, it can easily take a compliance agent (with an AML training certificate) many hours everyday to research negative news and cross-reference owners and beneficiaries to sanctions lists. Automating these tasks not only delivers prompt responses, but they can be pre-emptive and offer a high degree of reliability.

Additionally, an FI’s responsibility does not end at identifying potentially criminal operators. They must also report them through highly specific channels via Suspicious Activity Reports (SARs). Automation can also streamline your SAR processes for efficiency and create a trail for regular audit checks.

Where Is Your Compliance Team Now?

In-house BSA compliance officers must understand the impact of the new requirement that will include a large number of organizational level changes to create a perfect AML program. Significant costs are attached to the implementation of enhanced due diligence. BSA officers will require adequate time to recruit and train talent to handle AML compliance. This is resource heavy process and will also include the cost of IT and Suspicious Activity Reporting (SAR). Although many FIs have outsourced their AML functions, there is an additional cost of upgrading SOPs and system software to include CDD/EDD programs.

The final word

With 2018 just around the corner, it’s time to have policies in place and begin the long journey towards implementation, assessing samples of high-risk customers, conduct sample audits of the same pools, and develop more policies to stay proactive when it comes to regulatory compliance. Keeping every stakeholder informed of updates, changes and requirements ensures a seamless transition from existing protocols to efficient ones.