Introduction

On April 15, 2020, the Federal Financial Institutions Examination Council (FFIEC) released updates to the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) Examination Manual (Manual). The Manual, which was developed to instruct examiners in evaluating financial institutions’ compliance with the BSA/AML, is also a useful guide for financial institutions to gain insight into regulatory requirements and expectations for BSA/AML compliance programs. These are the first significant changes to the Manual since its 2014 publication.

According to Comptroller of the Currency Joseph M. Otting, the revisions represent a multiyear review of BSA/AML effectiveness and are intended to “update the nearly 50-year-old BSA/AML regime to better counter today’s criminal threats and promote the use of modern technology to protect the U.S. financial system from illicit activity.”¹ The changes are designed to clarify BSA/AML supervision and evaluation expectations but are not meant to represent a departure from previous guidance.²

The Nature of the FFEIC Updates

The revisions were undertaken by the interagency BSA/AML Working Group (composed of the U.S. Department of the Treasury Financial Crime Enforcement Network (FinCEN), Federal Reserve Board, Federal Deposit Insurance Corporation, National Credit Union Administration, and Office of the Comptroller of the Currency) and focus on the risk-based nature of BSA/AML compliance and the examination process, further distinguish between BSA/AML regulatory requirements and guidance, and incorporate regulatory changes that have occurred since 2014.

Broadly the revisions fall in the first section of the Manual on BSA/AML Compliance Programs, which is divided into four segments:

• Scoping and Planning of Examination, instructing examiners to tailor the examination to the financial institution’s risk profile, including by conducting risk-focused testing;

• BSA/AML Risk Assessment, instructing examiners on how to adequately evaluate a financial institution’s risk assessment processes, including identifying the specific risks unique to the financial institution, and focusing on the case-by-case circumstances of the financial institution;

• BSA/AML Compliance Program Assessment, providing a minimum set of procedures for a full BSA/AML examination, including the required elements of a BSA/AML compliance program (internal controls, independent testing, designation of BSA compliance officer, and training); and

• Examination Conclusions, instructing examiners to develop conclusions while keeping in mind that financial institutions have flexibility in designing BSA/AML compliance programs based on factors such as risk profile, size, complexity, and organizational structure.³

Among the updates, there is a focus on clarifying how examiners should be reviewing financial institutions’ compliance programs, risk assessments, and subsequent responses. The updates flag areas where examiners are encouraged to exercise discretion and not automatically fault financial institutions for failing to meet certain metrics, for example quotas for suspicious activity report (SAR) filings.⁴ The revisions also emphasize that “minor weaknesses, deficiencies, and technical violations alone are not indicative” of an inadequate compliance program.⁵ Overall, the updates clarify that the individual circumstances of each financial institution will dictate what is appropriate for a BSA/AML compliance program and risk assessment strategy.

What Does This Mean For Me?

The FFEIC Manual updates provide a good opportunity for financial institutions to assess current BSA/AML compliance programs and examination preparation and response protocols. For example, the revisions guide examiners to particular program benchmarks, which may serve as helpful guidance to financial institutions on enhancements to current compliance programs. The revisions also instruct examiners to review BSA compliance officers’ reports to boards of directors or senior management, as well methods to evaluate the adequacy and independence of BSA/AML compliance resources.

The FFIEC expects additional revisions to other sections of the Manual to be released in phases moving forward as the Working Group continues revising the 2014 version of the Manual. The updated first section of the Bank Secrecy Act/Anti-Money Laundering Examination Manual is available here.

¹ Comptroller of the Currency Statement on FFIEC BSA/AML Manual, News Release 2020-55 (Apr. 15, 2020), https://www.occ.treas.gov/news-issuances/news-releases/2020/nr-occ-2020-55.html.

² Federal Financial Institutions Examination Council, Federal and State Regulators Release Updates to BSA/AML Examination Manual (Apr. 15, 2020), https://www.ffiec.gov/press/pr041520.htm.

³ Federal Financial Institutions Examination Council, Interagency Statement on April 2020 Updates to the Bank Secrecy Act/Anti-Money Laundering Examination Manual (Apr. 15, 2020), https://www.ffiec.gov/press/PDF/Interagency%20Statement.pdf [hereinafter Interagency Statement].

⁴ See e.g., Federal Financial Institutions Examination Council, Bank Secrecy Act/Anti-Money Laundering Examination Manual at 5 (Apr. 2020), https://www.ffiec.gov/press/PDF/FFIEC%20BSA-AML%20Exam%20Manual.pdf.

⁵ Interagency Statement.