MINNEAPOLIS-A recent Wolters Kluwer Financial Services survey has found that Bank Secrecy Act compliance tops bank and credit unions' list of concerns heading into 2006. Of 119 banks and credit unions that responded to the survey, conducted by Bankers Systems-which changed its name to Wolters Kluwer Financial Services on Jan. 3 – 75% said BSA compliance was at the forefront for them. A number of the top-ranking compliance concerns for the mostly under $1 billion-in-assets set were BSA related, including anti-money laundering requirements (62%), data security (50%), compliance examinations (50%), PATRIOT Act compliance (43%), and Customer Identification Program requirements (42%). "The compliance and business challenges identified in this survey are consistent with what we're hearing from our customers on a daily basis," John Bryant, senior vice president of banking for Wolters Kluwer Financial Services, said. "Staying on top of what matters the most to their business helps us design compliance solutions and offer support that is both practical and efficient for them." "The basic requirements haven't changed much," Wolters Kluwer Financial Services Senior Attorney Sue Burt said. "What has changed is the PATRIOT Act." However, "Where the smaller organizations are getting into trouble are the basics," she added. The four basic components of any compliance program need to focus on internal controls, audits, having a dedicated compliance officer, and training, Burt explained. And credit unions need to continually perform risk assessments. The BSA violations are typically not intentional with the smaller institutions, according to Burt. Credit unions "probably have some type of program in place but they haven't dusted it off in a few years." A general rule of thumb is to at least do a risk assessment annually. If the credit union is steadily growing or adding new products, it should be done more often. She also suggested that at the time of a merger is a good time for a review. Another reason BSA is in the news is stepped up regulatory scrutiny. "The NCUA considers BSA compliance to be an essential component of safe and sound operation and every examination conducted by NCUA includes a review of this aspect of an institution's operation," according to NCUA Associate Director for External Affairs Justin Grove. "NCUA and the [Federal Financial Institutions Examination Council] have intensified the training of its examiner staff in order to ensure that BSA compliance is thoroughly reviewed in each exam across the country." Aside from the "loud and clear" message coming from the regulators, Latino Community Credit Union Treasurer Randy Chambers said protecting member assets is the primary driver behind Latino Community Credit Union's eagle eye on BSA-related issues. "It's the seriousness of it. We want to make sure we are protecting our members assets," Chambers said. Given the credit union's specialization in serving the Latino community, BSA is of particular interest, but that specialization can also make compliance a bit easier. "Routine is the best discipline for compliance," Chambers commented. The $25 million credit union opens between 700 and 1,000 new accounts each month, mostly for foreign-born individuals, and performed about 6,000 wire transfers in 2005. "This is such a fundamental for us. We wire more money than any other credit union in the country.I feel much more for a smaller credit union where the CEO [wears many hats]," Chambers explained. "How do you train the person who does two wires a month? Or six wires a year?" With 40 full-time staff and a number of very active volunteers, Latino Community Credit Union does some of its compliance work in-house and farms out other items. The credit union uses the IRnet's partnership with Vigo Remittance Program for wire transfers and – at the prompting of an examiner – when renegotiating its contract six months ago, clarified the BSA portion. Chambers said Vigo, owned by Western Union, has an excellent system which checks the transfer names against the Office of Foreign Assets Control's specially designated nationals (SDN) list. "The section we spent the most time with was the Bank Secrecy Act section," he said. Chambers added, "It's a very firm but gentle hand we've gotten from the regulators." For checking accounts, Latino Community Credit Union uses Check Systems for every new checking account opened, which also matches names against the SDN list. In addition, Chambers said the credit union checks new share accounts at the end of each day and reviews all accounts monthly against the SDN list. If there is a hit, the credit union looks further at other identifying information to determine if there is an actual match. For those credit unions with less experience in BSA issues, Chambers advised: be aware of the rules; keep informed; and know what to do when situations arise. It is in everyone's best interest for all financial institutions to be compliant, he emphasized. Burt agreed, "The biggest compliance pitfall is where you do only one or two transfers a month." Still, it is equally important for these institutions to be vigilant and monitoring is a key matter of concern. "An automated system.is certainly something that should be considered. Relying on your front-line tellers to monitor suspicious activity is not going to be enough." The lawyer added, "The wire transfer area is a hot one right now." NCUA is using a variety of outlets to get the word out to credit unions, Grove said. He pointed to NCUA's participation in the joint release of the Bank Secrecy Act Anti-Money Laundering Examination Manual last summer, which centralizes the various aspects examiners will be looking at. Additionally, he explained, "NCUA personnel provides briefings regarding BSA compliance at forums sponsored by national trade associations and various state regulators. NCUA also publishes Letters to Credit Unions addressing BSA compliance and recommends that credit unions periodically review [Financial Crimes Enforcement Network's] Web site (www.fincen.gov) for additional BSA compliance information." Cost of Doing Business The Association of Corporate Credit Unions has initiated a Compliance Clearinghouse, which focuses much of its attention on BSA requirements. ACCU Executive Director Mike Canning explained, "The group takes its work to the agency and they sit with us and say, `yes, if you get your members to do this, they should be OK on their next exams.'" "BSA is such a big issue because it puts financial institutions on the frontline of fighting terrorism," Rhonda Whitley, manager of the Compliance Clearinghouse, said. "Is it appropriate? I don't know. Does it make sense? I guess." She noted the financing of the 9/11 hijackers through U.S. financial institutions. Canning followed up, "It is appropriate given the patriotic spirit that Americans have during war times." "Among corporates specifically and financial institutions generally," Whitely said, "there is a feeling that the costs are overwhelming and I sympathize with that.but if you want to be in the business, you've got to comply." Though the cost of BSA compliance is tricky to calculate across the industry, Canning offered some anecdotal evidence he has dug up. For example, Mid-States Corporate forked out $80,000 for software and hardware for more sophisticated monitoring capabilities. Additionally, two full-time staffers were added in the correspondent services area for regulatory monitoring. He added that some other corporates' senior staffers that have been given BSA compliance responsibilities on top of their regular workload feel that that has become their entire job to the detriment of member service. Despite the "serious upfront costs," Whitley said, she expects the expenses to level out at some point. But for 2006, she said she sees additional regulatory burden in the BSA area being piled on. "Absolutely. I don't know what that will be.but I do see other things coming down the pipeline." Whitley also observed that corporate credit unions have an extra layer of protection against BSA violations because their member credit unions are performing their due diligence as well. In Violation So far there have not been any credit unions hit with major fines. The banks have been a different story. Most recently, on Dec. 19, 2005, ABN Amro Bank, N.V. was hit with $80 million in fines from the Federal Reserve Board, the Financial Crimes Enforcement Network, the New York State Banking Department, the Illinois Department of Financial and Professional Regulation, and Treasury's OFAC. Four days later, the Office of the Comptroller of the Currency issued a bulletin to national banks and regulators, adding an appendix to its Enforcement Guidance for BSA/AML Program Deficiencies entitled Process for Taking Administrative Enforcement Actions Against Banks Based on BSA Violations. The appendix aims to ensure that the OCC's process for enforcement actions for BSA violations is "measured, fair and fully informed." "We've learned we need to be more thorough in evaluating the BSA implications of all of your operations," ABA's Director of the Center for Regulatory Compliance Richard Riese said. "If your engaged in more sophisticated operations or international transmissions, these are areas that spin off a great deal of risk." The regulators have been quite open about what they want to see from banks, he commented, noting the recent publication of the joint examination manual. He emphasized that the violations that have made headlines are the exception, not the rule. "Banks should be receiving more visible credit for improving their anti-money laundering and anti-terrorist financing activities. Banks are improving the detection on those and putting in new systems," he said. "I think the industry, by and large, is in a solid position in this area," Riese stated. Though the ABA has not done a scientific analysis of the cost of BSA compliance on banks, he explained, "We've not yet arrived at a plateau and commitments of resources are continuing to increase." Riese added that the ABA plans to perform its own online survey of compliance interests and he fully expects BSA issues to make the top of the list there, too. "It's an area of a lot of interest. It's certainly something that isn't brand new. I think advances are being made," he stated. Burt said that many of the larger institutions often agree to the fines in a settlement to try to avoid the media attention but big dollar signs still grab headlines. "The fines are set high enough to make their point but not high enough to put them out of business," she said. "And to catch the attention of other banks," Wolters Kluwer Market Segment Manager Sue Pogatschnik interjected. What can be more painful is the reputational risk. "We patronize a financial institution because we trust them," Pogatschnik explained. Publicity of BSA violations can call that trust into question in the minds of consumers. NCUA's Grove said it would be "inappropriate to discuss data regarding credit unions involved with BSA violations or specific cases." At this point just one has been cited in a Letter of Understanding and Agreement regarding a BSA violation. But Burt said there is no way of knowing how many confidential informal agreements have been made. She said she had "heard of a number of those situations" where, if the credit union does not adequately respond to the agency's concerns, a more serious punishment could come about. She added that it would also depend upon the infraction. [email protected]