Agencies seek feedback on BSA/AML guidance

(April 16, 2021) NCUA and other federal agencies are seeking feedback on how well four-year-old guidance for complying with anti-money laundering and Bank Secrecy Act (AML/BSA) requirements is working for them, according to a request for information (RFI) issued late last week.

NCUA joined with the federal banking agencies, as well as Treasury’s Financial Crimes Enforcement Network (FinCEN) and the Office of Foreign Assets Control (OFAC) in issuing the RFI. It seeks comment on the principles outlined in the 2017 interagency “Supervisory Guidance on Model Risk Management.” Comments are due June 11 (following a 60-day comment period).

According to the RFI, it is aimed at enhancing the agencies’ understanding of institutions’ practices with respect to BSA/AML and OFAC compliance and determining whether additional explanation or clarification may increase transparency, effectiveness, or efficiency.

Even though the banking agencies’ model risk management guidance (MRMG) does not apply to credit unions, the RFI nonetheless seeks input from the perspective of credit unions as well as banks.

The OCC, Fed Board, and FDIC, in consultation with NCUA and FinCEN, also issued a statement late last week to clarify that the risk management principles discussed in the model risk management guidance (MRMG) are appropriate considerations in the context of the BSA/AML statutory and regulatory requirements.

In an unrelated, but topical, development this week, the U.S. Justice Department announced the indictment of two individuals who used a now-defunct New York credit union (and others) as their cover in helping the individuals (now defendants under the federal indictment) allegedly facilitate more than $1 billion in high-risk transactions that were carried out without AML controls. In a release, the DOJ said the two defendants were charged with failure to maintain an anti-money laundering program, failure to file suspicious activity reports (SARs), and operation of an unlicensed money transmitting business (MSB).

According to the DOJ, the former New York State Employees Federal Credit Union (NYSEFCU) of New York, N.Y. – a $2 million credit union liquidated in 2017 by NCUA, citing (among other things) AML/BSA deficiencies — allowed the defendants to conduct high-risk transactions through the credit union during 2014-16. The DOJ said the defendants allegedly caused the transfer of more than $1 billion in high-risk transactions, including hundreds of millions of dollars originating from foreign jurisdictions, through NYSEFCU and other entities.

The law enforcement agency said that, contrary to their representations of being trained and well-versed in AML practices, the defendants “willfully failed to implement and maintain the requisite AML programs or conduct oversight required to detect, identify, and report suspicious transactions.

This caused, among other things, the NYSEFCU to process more than a billion dollars in high-risk transactions,” during the individuals’ relationship with the credit union, “without ever filing a single Suspicious Activity Report, as required by law,” the DOJ said.

NASCUS, in conjunction with CUNA, each year sponsors a BSA/AML Certification School, widely viewed as the premier event of its kind for credit unions in the subject area. The event is typically held in the fall; last year’s event, in the wake of the coronavirus crisis, was held as a virtual “e-school.” The annual program helps attendees boost their status as reliable, confident authorities on all things relevant to the Bank Secrecy Act (BSA). It also offers them an opportunity to earn or recertify their BSA Compliance Specialist (BSACS) designation.

Request for Information and Comment: Extent to Which Model Risk Management Principles Support Compliance With Bank Secrecy Act/Anti-Money Laundering and Office of Foreign Assets Control Requirements