When many compliance professionals make plans for determining a
strategy for managing your financial institution’s AML risk mitigation
strategies, the use of software, such as SimpliRisk, may be at the forefront of
planning. There are many situations for which software can be the proper tool
for alleviating some of the risks. Developing risk models for measuring your
member or customer base as a business segment is one such mitigation strategy
where software can easily assist in making the job easier to manage. Developing
specific rules to catch outliers within your portfolio is another step many
take regarding the use of software.
As effective as software is in crunching large volumes of
numbers to determine hot spots for review, there are times where the use of
software is better meant to assess a policy’s effectiveness, as opposed to
being that front line of defense. Often, when establishing AML monitoring
rules, a compliance professional is left wondering, “How do I establish a threshold to gain
insight on what is worthy of review?” Often, the answer lies within the
financial institution’s already established policies.
For example, all financial institutions have a good grasp on
the basic patterns of structuring and Currency Transaction Report (CTR)
evasion. This goes beyond industry-wide best practices, as the rules for situations
involving cash transactions is very clear, as seen in FinCEN’s Notice
to Customers: A CTR Reference Guide. It is common knowledge that the
thresholds for monitoring CTR evasion involves aggregating transactions involving
cash at a threshold above $10,000. Similarly, Monetary Instrument Log (MIL)
evasion is established by monitoring the cash purchases or exchanges of
monetary instruments within aggregated thresholds of $3,000 and $10,000. Both
instances require looking at the results of both queries and comparing those
results against the daily paperwork at the branch level.
However, as simple as this might seem, there are gaps. One
of the most common gaps involve transactions that appear outside of the system.
For instance, a person walks in with $5,000 in cash and wishes to procure a
monetary instrument for an equal or lesser amount. This request may appear to
be commonplace and inconsequential, until the AML professional realizes that
these transactions are not being easily captured. In essence, these transactions
often do not trigger a rule because the transactions are not tied to a distinct
account.
To alleviate this monitoring gap, a common practice by many
financial institutions involves policy. While not all people conducting such transactions
are necessarily doing so with the intent to obfuscate the source of funds, it
is well known that bad actors do employ such a tactic, and as such, a policy of
deposit prior to purchase is commonplace. Similarly, a policy of not executing
non-customer cash purchase transactions may be put into place as well.
One last point on this topic involves persons negotiating
checks for cash. It is important that a financial institution, specifically smaller
ones, gain an in-depth knowledge of Regulation CC,
which governs ‘funds availability’ for various deposits. While many
transactions require immediate or next-day funds availability, checks not
deemed ‘on-us’ allow for longer delays of full funds availability to ensure the
funds guaranteed by the instrument are available within the account at the other financial institution.
Becoming knowledgeable on Regulation CC and other
regulations will greatly assist in tightening your policies on higher risk
transactions. As is always the case involving policies affecting consumers,
publishing all changes, such as changes to your Regulation CC policy, in accordance
with all rules and regulations is mandatory. Managing and understanding various
controls through policy gives the AML professional better insight into
establishing risk-based thresholds for monitoring compliance, both inside and outside of
your financial institution.