No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Financial Services

The Board’s Role in AML Compliance

How the Board of Directors Can Minimize AML Risk

by Ola Tucker
November 4, 2019
in Financial Services, Governance
miniature people standing on coins beside wooden blocks spelling AML

Ola Tucker, founder of Compliance Notes, discusses the board of director’s oversight role with respect to a financial institution’s BSA/AML compliance program, as well as the specific responsibilities arising out of that role.

Anti-money laundering compliance has been a main focus of regulators and prosecutors in recent years. This is evidenced by the increase in criminal and regulatory penalties imposed against financial institutions for failures relating to their Bank Secrecy Act and anti-money laundering (BSA/AML) compliance programs. In light of this scrutiny, it is critical that financial institutions make AML compliance a top priority. Prioritizing compliance necessarily begins with the institution’s board of directors and a solid understanding of its role in the oversight of the BSA/AML program.

BSA/AML Program Requirements

An effective BSA/AML compliance program, which traditionally consisted of four pillars, now consists of five pillars. The fifth pillar arises out of the Customer Due Diligence Rule (CDD Rule), which took effect in May 2018. The five pillars include:

  1. Written policies, procedures and internal controls;
  2. A designated BSA compliance officer;
  3. An employee training program;
  4. Independent testing of the BSA/AML program; and
  5. Customer due diligence procedures.

Furthermore, BSA/AML compliance programs must be risk-based and tailored to the specific institution, including the institution’s size, geographic areas(s), customer base and the products and services offered.

Additionally, financial institutions are also subject to regulations of the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), and therefore should have sanctions screening processes and policies in place. This includes procedures to ensure that screening information is current to prevent accepting, processing or facilitating prohibited financial transactions. The OFAC policy and procedures are generally a part of an institution’s overall BSA/AML compliance program.

The Board of Directors’ Fiduciary Duties

The board of directors is the primary governing body of an institution; as such, it is entrusted with certain fiduciary obligations. The duties of care and loyalty are the traditional fiduciary duties owed by directors to the institutions they govern. Out of these overarching duties arise certain responsibilities, including responsibility for the oversight of the institution’s BSA/AML compliance program. The standard for the directors’ duty to oversee and actively monitor an organization, including its compliance activity, is set out in the seminal Delaware Court of Chancery case, In re Caremark Int’l Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. 1996), which held that corporate directors have an affirmative duty to establish and exercise appropriate control over some form of internal compliance activity.

Board Oversight of AML/BSA/OFAC

In order to execute their duties effectively, directors need to understand the organization’s business, have sufficient knowledge of the specific AML risks posed to the business and also understand the regulatory environment in which the business operates. It’s necessary that directors have a general understanding of BSA/AML program requirements, including the five pillars of an effective BSA/AML compliance program, particularly since enforcement actions for AML compliance have historically related to failures in one or more of the BSA/AML program pillars.

Having knowledge and understanding of BSA/AML program requirements and corresponding risks, however, does not imply that directors are expected to be AML compliance experts. Although ultimate responsibility for the BSA/AML compliance program rests with the board of directors, their role consists of oversight; the day-to-day management of the program rests with the designated BSA compliance officer.

The board’s oversight responsibility starts with setting the proper “tone at the top” and creating a culture of compliance throughout the institution. The Federal Financial Institutions Examination Manual (FFIEC Manual), which prescribes uniform standards for the supervision of financial institutions, states,

“the board of directors and management should create a culture of compliance to ensure staff adherence to the bank’s BSA/AML policies, procedures and processes.”

In order to set the proper tone throughout the organization, the board needs to demonstrate its commitment to compliance. Directors should actively inquire about potential AML risks and the overall functioning of the BSA/AML compliance program, including any identified gaps, weaknesses or other uncorrected issues, as well as the potential need for additional resources to address any program deficiencies.

The board should request updates and tracking of any milestones to ensure flaws are addressed. The board should also critically consider whether the information it receives is sufficient to make informed decisions. This entails ensuring open and honest communication, not just with the BSA compliance officer, but with the rest of senior management. It is the board’s responsibility to hold senior management accountable for the effective implementation of the BSA/AML compliance program.

The board must also have a high-level knowledge of specific fundamental elements of the BSA/AML compliance program, as these provide insight into potential risks and key vulnerabilities. This includes knowledge of suspicious activity reports (SARs) filed with the Financial Crimes Enforcement Network (FinCEN) and the results of internal and external testing and audits. It also includes the review and approval of the company’s AML and OFAC risk assessments and its AML and OFAC policies and procedures. Knowledge of these risk indicators will help the board to better understand the internal controls needed and also allow the board to work with senior management to set an appropriate risk tolerance.

Finally, the board needs to receive regular training tailored to its oversight role. The FFIEC Manual further states that “while the board of directors may not require the same degree of training as banking operations personnel, they need to understand the importance of BSA/AML regulatory requirements, the ramifications of noncompliance and the risks posed to the bank. Without a general understanding of the BSA, the board of directors cannot adequately provide BSA/AML oversight; approve BSA/AML policies, procedures and processes; or provide sufficient BSA/AML resources.” Furthermore, directors should understand the need for employees to receive AML training as well as the need for employees to receive ongoing guidance about identifying and reporting suspicious activity.

The BSA Compliance Officer’s Role in Board Oversight

The institution’s designated BSA compliance officer is appointed by the board and is responsible for the daily operations of the BSA/AML compliance program. The compliance officer’s role also includes supporting the board in meeting their oversight duties. This is the case whether the compliance officer reports directly to the board, as is recommended in the most recent Guidance Document on the Evaluation of Corporate Compliance Programs from the Department of Justice (DOJ), or to another senior executive who in turn reports to the board.

In order to sufficiently support the board, the compliance officer must first have an understanding of the board’s role with respect to the BSA/AML program and the specific duties and responsibilities that arise out of this role. It’s fundamental that the compliance officer establish an effective relationship with the board through regular communication and training. The compliance officer should educate the board regarding the requirements of an effective BSA/AML compliance program and the board’s oversight role regarding the program. At a high level, the compliance officer should keep the board apprised of key developments in the BSA/AML program, potential risks and vulnerabilities, any flaws and the ways in which they are being addressed, applicable impending legislation and its impact and the overall health of the program. It’s also critical that the compliance officer is able to discuss significant AML concerns with the board, as well as the need for additional resources.

Conclusion

The board’s oversight of an institution’s BSA/AML compliance program is crucial to its success. Board involvement goes a long way toward promoting an institution’s culture of compliance and sends a strong message that AML compliance is a company-wide responsibility. A solid understanding, by both the board and the BSA compliance officer, of their respective roles with regard to the program – as well as regular communications between board members and the compliance officer – will help ensure a strong and effective BSA/AML compliance program. Coordination of BSA/AML efforts at the highest levels better enables the financial institution to anticipate and mitigate risk, providing it with a sound risk mitigation strategy.


Tags: AMLBoard Risk Oversight
Previous Post

What Happens in Vegas: Takeaways from the ACAMS Conference

Next Post

2019 Reputational Risk Study: Acknowledging Compliance Gaps

Ola Tucker

Ola Tucker

Ola Tucker is the founder of Compliance Notes, a company providing professional writing services to the legal and financial services communities. Ola has over 14 years of experience implementing corporate compliance programs within the financial services industry. Her areas of expertise include anti-money laundering, anti-corruption and sanctions compliance. Ola is also an adjunct faculty member at Widener University Delaware Law School, where she teaches classes on corporate compliance programs and international anti-corruption laws. Ola is ACAMS certified and holds a J.D. from Syracuse University College of Law and a B.A. in English from Boston University.  

Related Posts

svb_f

Risky Business: Important Lessons From SVB’s Demise

by Atul Vashistha
March 28, 2023

When all is said and done, it’s likely that Silicon Valley Bank’s failure will be traced back to one serious...

Phaxis 100 dollars

AML & KYC: Addressing Key Challenges for 2023 and Beyond

by Alex Roberto
March 16, 2023

(Sponsored) In today’s world, financial criminals are often a step ahead of regulators and financial institutions who struggle to effectively...

Paul Weiss Economic Sanctions and AML Developments 2022_f

Economic Sanctions and AML Developments

by Corporate Compliance Insights
March 15, 2023

Sanctions start high and stay high 2022 Year in Review Economic Sanctions and AML Developments What’s in this report from...

money laundering concept

It Takes a Village: Preventing FinCrime Means Everybody Needs Skin in the Game

by Samar Pratt
March 15, 2023

Banks bear the brunt of consequences for financial crimes amid a huge increase in anti-money laundering fines in 2022, making...

Next Post
REd Flag Group's report cover

2019 Reputational Risk Study: Acknowledging Compliance Gaps

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT