What U.S. Federal Bank Examiners Look For in Their OFAC Compliance Examinations Tuesday, September 19, 2017, 10:30 11:15 AM Michaela Arndt Head, Sanctions Compliance, Americas and Group Head, US Sanctions Standard Chartered Bank Andy Gelinas Executive Director Global Financial Crimes Legal Advisory Group Morgan Stanley Salvatore Scotto Sanctions Compliance Bank of China September 18-19, 2017 The Princeton Club New York, NY 1
Andy Gelinas Executive Director Global Financial Crimes Legal Advisory Group Morgan Stanley 2
Key Trends in Federal Bank Examinations Examiners who are more specialized in BSA/AML and sanctions matters Focus on governance and oversight of firm s sanctions compliance program, including metrics and escalation of significant issues, risks and concerns Holistic, firm-wide approach to client due diligence, risk-rating and monitoring Sanctions screening expectations: universal coverage and high data quality more sophisticated tools 3
Sanctions Risk Management Symposium Michaela Arndt Head, Sanctions Compliance, Americas and Group Head, US Sanctions Standard Chartered Bank 4
Process Focused Examinations to Validate Sustainability Process Governance and Oversight Clearly Defined Procedures to Supplement a Risk-Based Approach Well Documented and Meaningful Decision Logs for Risk Based Decisioning 5
Sanctions Risk Management Symposium Questions? 6 September 18-19, 2017 The Princeton Club New York, NY
Bonus Slides Provided by 7
Suspicious Activity Report (SAR) U.S. financial institutions that are covered by the Bank Secrecy Act (BSA) electronically submit their SARs to FinCEN. The SAR form (FinCEN Report 111) does not have, in its Part II Suspicious Activity Information, a dedicated category or check box for OFAC or Sanctions violations 8
Customer Identification Program (CIP) 31 CFR 1020.220 (FinCEN) Implemented Section 326 of the USA Patriot Act Must be written Minimum requirements: Name Date of birth Address ID number appropriate for size and type of business incorporated into BSA/AML compliance program 9
Bank Secrecy Act (BSA) Enacted in 1970 Primary U.S. anti-money laundering (AML) law 31 USC 5311 et seq Establishes AML program, recordkeeping and reporting requirements for financial institutions 10
OFAC requirements vs. BSA requirements OFAC requirements are separate and distinct from the BSA, but both OFAC and the BSA share a common national security goal. For this reason, many financial institutions view compliance with OFAC sanctions as related to BSA compliance obligations; supervisory examination for BSA compliance is logically connected to the examination of a financial institution s compliance with OFAC sanctions. (P. 7 FFIEC BSA/AML Examination Manual) 11
Banks Undergo Regular BSA/AML Examinations U.S. financial institutions regularly undergo examinations by federal and state banking agencies Examiners tasked with reviewing records, policies, accounts, and documents to evaluate whether an institution s internal procedures are in line with applicable laws and regulations, including those of Bank Secrecy Act and OFAC 12
FFIEC BSA/AML Examination Manual Issued by Federal Financial Institutions Examination Council (FFIEC) First issued in 2005 Provides vital information on what to expect from examiner with respect to their review of compliance program Even though OFAC is not part of FFIEC, it assists in development of sections of Manual that relate to OFAC reviews Manual mentions the word OFAC 316 times, including in the first sentence See Reviews By Bank Examiners May Result In Action By OFAC P. 123 SanctionsAlert.com Conference Bonus Materials 13
Products/Services with Higher Level OFAC Risk International funds transfers. Nonresident alien accounts. Foreign customer accounts. Cross-border ACH transactions. Commercial letters of credit and other trade finance products. Transactional electronic banking. Foreign correspondent bank accounts. Payable through accounts. Concentration accounts. (P. 146 FFIEC BSA/AML Examination Manual) International private banking. Overseas branches or subsidiaries 14
FFIEC BSA/AML Exam Manual on Interdiction Software The bank s policies, procedures, and processes should address how the bank identifies and reviews transactions and accounts for possible OFAC violations, whether conducted manually, through interdiction software, or a combination of both. ( (P. 147 FFIEC BSA/AML Examination Manual) 15
FFIEC BSA/AML Exam Manual on Reviewing Licenses Before processing transactions that may be covered under a general license, banks should verify that such transactions meet the relevant criteria of the general license. (P. 144 FFIEC BSA/AML Examination Manual) 16
emorandum of Understanding (MOU) Between OFAC and Federal Bank Regulators https://www.treasury.gov/resourcecenter/sanctions/documents/mou_final.pdf 17
Memoranda of Understanding (MOU) Between OFAC and State Bank Regulators Source: OFAC website 18
New York Department of Financial Services (DFS) Part 504 Rule Rule effective January 1, 2017 First certification due on April 18, 2018 Who is subject? Banks and non-bank institutions licensed or chartered under NY law Banks Branches and agencies of foreign banks Trust companies Private bankers Savings banks Savings and loan associations Requirements of Filtering Program Reasonably designed for purpose of interdicting transactions that are prohibited by OFAC. Based on on-going, enterprise wide Risk Assessment Based on technology, processes or tools reasonably designed to identify prohibited transactions through name and account matching or otherwise End-to-end pre- and post-implementation testing of various factors including mapping risks to OFAC sanctions lists, matching logic detection scenarios and other factors, as relevant Documentation of the program and its tools and processes 19
Source: Audience Poll from SanctionsAlert.com August 2017 Webinar on NYDFS Part 504 Rule (238 attendees) 20
Source: Audience Poll from SanctionsAlert.com August 2017 Webinar on NYDFS Part 504 Rule (238 attendees) 21