Given the complexity and velocity of regulations faced by financial institutions during the past decade, ensuring institutional compliance has become increasingly difficult to manage internally. Some institutions turn to instructors to lead compliance training or employ the services of e-learning providers. The result is often a piecemeal approach to the compliance process that is sufficient but suboptimal from operational, financial and risk management perspectives. Many discover that gaps remain, which must be filled to ensure the institution stays up-to-date as compliance standards for employees, records management and reporting evolve.
The five pillars of FinCEN
Financial institutions are required to meet five pillars to ensure an adequate Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) compliance program:
- Written policies and procedures
- A designated BSA/AML compliance office
- Independent testing of the institution’s compliance program
- Implementation of an adequate employee training program
- The establishment of a risk-based, customer due-diligence procedure
Not only must banks demonstrate compliance with regulation, they also must attest to and demonstrate how they ensure all applicable employees are trained and aware of compliance procedures and new regulations on a continual basis.
Managing these requirements manually can introduce inherent risks and be cost prohibitive, as the penalties and reputational risks of non-compliance can be very detrimental to growth and sustainability. For example, one regional community bank received a civil money penalty of $1.25 million in April 2019 from the FDIC, “having reason to believe that the bank violated the Bank Secrecy Act…and its implementing regulations …from February 2013 through April 2017.” At the end of 2018, FinCEN assessed a $15 million penalty against UBS Financial for AML failures. FinCEN found that UBS failed to develop and implement an appropriate, risk-based AML program that adequately addressed the risks associated with accounts that included both traditional brokerage and banking-like services. And the list of penalties continues. No financial institution welcomes penalties, or the negative publicity associated with them.
Simplifying the complexity of compliance
Compliance management can be daunting, especially for financial institutions without a deep bench of qualified resources that can be assigned to the task. If your bench of compliance experts isn’t scalable or sufficient for your organization today, consider tapping the resources of a third-party provider that offers a comprehensive compliance program.
Programs such as FIS Regulatory University are designed to simplify the complex challenge of compliance. Questions to consider when you evaluate providers include:
- Foremost, does the provider have deep knowledge of regulatory compliance issues?
- Is the learning venue convenient – e.g., online – so your staff can learn in their own time and at their own pace?
- Is the solution affordable, turnkey, operationally efficient and user-friendly?
- Is the solution inclusive – specifically, includes all of the courses that financial institutions need to train staff to ensure they remain up-to-date on regulatory compliance issues?
- Are there dashboards, audit controls, automated tracking and alerts to monitor course compliance?
- Can a financial institution customize curriculum to meet its specific needs?
- Does the solution send out rolling updates about upcoming and ongoing regulatory changes well before compliance deadlines to ensure staff always remain up-to-date?
An additional important question to consider is: Does the provider employ its solution to train its own employees like FIS does to ensure that its 55,000+ employees around the world remain compliant?