WASHINGTON – Corporate credit unions throughout the nation are still trying to get a handle on exactly what they should be doing to comply with the Bank Secrecy Act. BSA is considered a vital reg to help cut off funding for terrorists and detect illegal activity in the financial services industry. According to corporates and credit unions, regulators seem to be cracking down on compliance. "I come into contact with state and federal regulators on a regular basis, and their primary focus is on compliance with BSA. They're taking a stern approach on non-compliance," said Corporate America CU CEO Thomas Bonds. Bonds said his corporate has heard so much about not only BSA compliance, but also compliance with the Office of Foreign Assets Control and the USA Patriot Act that it has formed a new CUSO to help credit unions. CU Compliance Group, Inc., will review credit unions' policies and procedures with these anti-money laundering regs and provide formal reviews and audits to mitigate regulatory compliance risks. On-site reviews by CPAs and attorneys are part of its program. Bonds, who himself is an attorney and CPA, says the worst thing that can happen to a CU now is to be declared non-compliant and receive a Document of Resolution from the regulator. "Regulators will get very aggressive to get them into compliance," he said. Corporate America has two attorneys and two CPAs on staff that will work the CUSO, as well as another outside CPA and attorney. "It is my opinion that virtually every credit union will be required by regulators to prove they've had some type of external review of their anti-money laundering programs. Credit unions will need to look outside the credit union for this," said Bonds. While the new CUSO can assist natural person CUs through the regulatory maze, corporates also need help. The word coming from corporate operational leaders is the guidance from regulators is creating a lot of gray area. WesCorp VP of Operational Integrity and Innovation Dennis Toda said BSA is a tough reg for corporates because it requires financial institutions to monitor suspicious transactions, yet corporates do not directly serve members. "The difficulty is you're supposed to report when you're suspicious of someone's activity. A large part of suspicion has to do with knowing the practices of the member. We have no contact with our members' members, so having no concept of whether their transaction is normal business or some illegal transaction, makes it difficult," said Toda. Financial institutions are required to scrutinize transactions of $5,000 or more. If they suspect illegal activity, they must file a Suspicious Activity Report (SAR). The problem for the corporates said Toda is the corporate may not know the member just started a new business and is seeing higher transactions because of it, or if a member is legitimately wiring money home to their family in another country to put food on the table. Compounding this is the regs restrict what financial institutions can say to each other about potentially suspect transactions. Toda said corporates and CUs will need to communicate more if it turns out corporates are going to be required to monitor individual transactions. But for corporates it may eventually boil down to monitoring the overall transaction patterns of their credit unions. "For us we feel it's going to be more about profiling the credit unions. If we see wire volumes going up significantly in the last two months, it may mean something," said Terry Faurote, VP of correspondent services for Mid-States Corporate. Even at this aggregate level, Faourote said corporates would need guidance on what is suspicious. If a CU goes from 10 wires a month to 20, it's still a low number but it's a 100% increase. Should that warrant a SAR? "Increased activity could just mean the credit union's business consultants are out there signing up new business, not illegal activity," Faurote. He said corporates could use software to monitor large volumes of transactions to cut down on what is now a very manual process. But Faurote said Mid-States has discovered that finding the right software can be difficult and expensive, in the $500,000 range. He said corporates don't want to spend the time and money implementing new software until they know their role with BSA. Mid-Atlantic Corporate VP of Administration Lori Gall said while corporates may have trouble gauging the patterns of individual credit union members, they do have an advantage of seeing the bigger picture in a particular region. "If someone is wiring money to five different credit unions in Pennsylvania, we might be able to pick up the pattern, whereas it would look normal to each individual credit union," said Gall. Gall said Mid-Atlantic is doing cross-platform monitoring. "We have one system that's designed to look at ACH activity, large dollar returns, wire transfer activity, international activity. And then we have a threshold of $5,000 where we're looking to see any multiple transactions," said Gall. She noted that savvy criminals may do a series of transactions below $5,000 – what's called "stacking" – to avoid detection, so CUs can't just rely on the $5,000 threshold. Toda noted that regulators also won't take kindly to excessive SAR filings. "Some credit unions might want to bury them in paper and say it shows their adherence to the law, but it's not really doing law enforcement and the regulators any good." Corporates are scheduled to meet with NCUA in June on BSA guidance. -

[email protected]