Over the past few years regulators and examiners concentratedtheir efforts on problems stemming from the recent financialcrisis. The trend has now turned back to money laundering and theBank Secrecy Act.

Authorities are now investigating several big banks for failureto monitor cash transactions and thereby allowing drug dealers andterrorists to use financial institutions to assist in furtheringtheir criminal activities.

Banks' Failure to Take Action

HSBC, Citi, Zions Bank, The Royal Bank of Scotland, Wachovia andStandard Chartered, to name a few, have all fallen under theregulators' lash for not implementing sufficient BSA/AML/OFACmonitoring programs. Since adequate programs were not in place, itcreated lapses that allowed criminal activity to flow through theirinstitutions. Millions of dollars in penalties are beingassessed.

In many of these cases, deficiencies were previously noted, butthe financial institutions failed to take action. This stresses thepoint of always addressing exam findings before your next exam. Insome cases, especially if the violation was found to be egregious,financial institutions are publicly taken to task without any priorviolation noted.

Not Just a Big Bank Problem

An important thing to keep in mind is that this is not just abig bank problem; all financial institutions are at risk. I havebeen to many institutions of various sizes over the past couple ofmonths where examiners have severely criticized and written upinstitutions for not doing enough to look for and track suspiciousactivity.

In many of these situations, the organizations were small,low-risk institutions with no evidence of suspiciousactivity. The examiners' concerns were that if there had beensuspicious activity, it wouldn't have been caught because thecredit unions were not looking for it.

What Examiners Want to See

Even if you have the same examiner as previous years, you arenot in the clear. I spoke to a few institutions that had the sameexaminer as their previous exam, and they still had their programsripped apart, analyzed and criticized.

So, what can you do to put up a strong defense againstregulatory scrutiny? Here are a couple of tips:

Evaluate your BSA/AML program.

Examiners are putting emphasis on the last time you evaluatedyour program to make sure it is still sufficient for “current”risk. Are you validating the data is coming into your AMLsystem accurately?

Conduct an independent evaluation on a regularbasis.

Not only is it important, but it is required to get an outsideopinion on your institution's suspicious activity monitoringprogram.

The FFIEC BSA/AML Manual stresses that your program must berisk-based, periodically reviewed by the BSA Officer and alsoindependently reviewed to ensure that if suspicious activity is orwas to occur at your institution it will not go unidentified andunreported.

Periodically has unofficially been accepted as annually, unlessthere has been an acquisition, merger or other major event at yourinstitution.

Examiners are cracking down, and you need to be prepared. Areyou doing enough?

Maleka Ali isthe manager of Education and Consulting at Banker's Toolbox inAustin, Texas.