RSM Resources

With concern about terrorists continuing to rise,it’s becoming more difficult than ever for midsized banks to comply with the Bank Secrecy Act (BSA), which was originally approved by Congress nearly 35 years ago to fight drug trafficking, money laundering and other crimes by requiring a paper trail of transactions through the financial system.

In March 2005, the number of BSA-required "suspicious activity reports" filed by banks jumped 40 percent to 43,500 — up from about 31,000 for the same time period a year earlier. The 2001 PATRIOT Act, which increased money-laundering compliance requirements in the BSA, is partially responsible for the increase.

So, too, were government fines of $40 million and $25 million levied against two banks in 2004 for not complying with the BSA. Industry estimates project 2005 bank compliance costs at about $11 billion — a 50 percent increase since 2002.

But financial institution professionals say there are ways to minimize those costs while still complying with reporting requirements. The key is to zero in on the primary issues and figure out which buttons are hot and which are not.

Zeroing in on compliance

"The banks really are on the front line when it comes to the concerns of Congress and the current administration regarding terrorist financing," says Robert Rowe, regulatory counsel for the Independent Community Bankers of America association. "When your next audit comes up, you can count on one thing: The examiners are going to focus on BSA compliance."

That doesn’t mean, however, that bankers need to push the panic button and completely revamp their compliance programs, according to Rowe. Instead, he suggests reviewing the procedures you already have in place and ensuring they’re up to date.

"Make sure you’ve dotted all your ’i’s’ and crossed all those ’t’s,’" says Rowe. "For the most part, banks have had good compliance programs in place for more than 15 years — and they’ve done a good job of handling the recent changes. The number of banks that have actually been identified as violating compliance regulations is miniscule."

Customer identification procedure software

One area Rowe suggests bankers key in on is customer identification procedures (CIP), noting that compliance regulations allow some flexibility in this area, which is both a blessing and a curse. Although they’re not foolproof, software programs can be a big help in monitoring and updating the lists of terrorists against which bankers must check prospective customers, Rowe says.

Another area of focus should be employee training,according to Tess Rice, a former examiner for the Federal Reserve Bank and currently the general counsel for the Minnesota Bankers Association. She notes that the changes enacted through the PATRIOT Act require banks to provide anti-money-laundering training to all of their employees.

"Often times, there’s a lot of turnover at banks in the entry-level positions," Rice says. "Banks need to make sure that these employees get the training they need in a timely fashion."

Money-service businesses and government guidance

Both Rowe and Rice agree that the latest (and hottest) hot button is money-service businesses, or MSBs. MSBs can include everything from Western Union to a grocery store or a bar that cashes checks for its customers. With many banks interpreting the new compliance regulations to hold banks responsible for all their MSB customers’ customers, some have simply decided to discontinue serving MSBs. The feeling is that the additional risk and expense associated with servicing these accounts is so great that there’s no way to pass along the resulting increases in costs.

"I think bankers have been given some mixed messages regarding BSA compliance," Rice says. "Some new guidance issued recently suggests that the government doesn’t expect banks to be responsible for everything the MSBs do."

The No. 1 tip that both Rowe and Rice have to offer bankers is to do their best to keep current with the guidance offered by government agencies. Rowe notes that all of the involved agencies post current information on their Web sites. Rice lists the guidance bulletins issued by organizations such as hers as another good source of information. Furthermore,there are a number of relatively new software tools on the market designed to help with many of the new compliance tasks, including training employees, educating customers, and even providing the framework for developing a comprehensive set of compliance policies and procedures.

Proactive compliance audits

Finally, if you’ve done everything you can and are still uncertain about how your compliance efforts will fare in the eyes of the bank examiners, some industry experts recommend working with a consultant to do a pre-examination audit of your compliance procedures. Many times banks — while not hit with fines for violations — are nonetheless required to ramp up their compliance programs. If you wait until after the bank examiners’ visit, you are typically required to respond with the necessary improvements within 60 days.The time constraints alone can inflate the cost of making the necessary changes. Doing so on your own schedule — before the examiners get there — can save both money and aggravation. It’s the old "ounce of prevention" maxim at work.

The emergence of common sense

Increased compliance regulations have created a double-edged sword that is costing the government more money — and increasing the frustration level of regulators, examiners and enforcement officials too. What’s more, the added paperwork has become so burdensome that it interferes with the ability of enforcement officials to do what the PATRIOT Act intended in the first place: Identify real terrorists and prevent them from using our banking systems. The surge in suspicious activity reports alone — especially those considered to be "defensive" reports submitted by banks to cover themselves against every imaginable compliance risk — could actually be causing more harm than good.

In a speech to the Financial Services Roundtable Annual Meeting in Palm Beach, Fla., on March 31, Susan Schmidt Bies, a member of the Federal Reserve System Board of Governors told listeners: "These defensive filings threaten to clutter the SAR (suspicious activity report) database with information that cannot be properly analyzed due to the volume."

Bies went on to acknowledge bankers’ concern over the increased burden of complying with the additional requirements, the lack of consistency in oversight and supervision, and law enforcement issues, noting that regulators do understand that bankers can’t be expected to detect every transaction. She also referenced MSBs, indicating that it was never the government’s intent to take actions that would deprive some businesses of banking services.

Bies reminded listeners about "interagency efforts to develop and issue new, enhanced Bank Secrecy Act examination guidelines and procedures within the next few months." Her speech emphasized her belief that compliance can best be achieved through "a partnership among banks, supervisors and law enforcement agencies." She also pointed out that the Federal Reserve and other bank supervisory agencies recently agreed to share more information with the U.S. Treasury Department’s financial crimes enforcement network in order to further reduce unwarranted compliance burdens on banks.

Rowe thinks this kind of a teamwork approach may help provide just the kind of relief bankers are looking for.

"I’m very impressed by how hard they’re trying to coordinate their efforts and work together with bankers," he says. "It seems to me they have a very real desire to get things right this time. I’m hoping it will set a benchmark for the future."