NEWPORT, R.I. -- When it comes to Bank Secrecy Act compliance the risk based regulatory structure is the challenge says NAFCU Regulatory Compliance Director Anthony Demangone.
"You run into the Monday morning quarterback issue where you can second guess everything that happened in Sunday night's game," said Demangone. "It's hard to know what you need to do or invest in until credit unions do individual review or risk assessment of products, members, services and locations--almost a BSA strategic plan if you will before you can determine if you need to buy software or hire new employees."
He adds that the issue is that credit unions are judged after the fact either through an audit of the program or NCUA exam and they then have to defend their actions.
"The real challenge as a volunteer is how much is enough and when to say when--what is enough," said Demangone. "Because you don't want to overcomply then you are wasting member resources and you don't want to undercomply."
He says credit unions can find balance by learning as much about the real requirements and really having a thorough risk assessment.
"Know the lay of the land enough that you feel comfortable," said Demangone. "Understand risk and mitigate so you can sleep at night is an art not a science. Lots of banks and credit unions thought they were doing great until an exam revealed they still need to do more."
