Skip to Search
Skip to Main Content
Main Content

Godfrey & Kahn Updates

Anti-Money Laundering Compliance is a Key Regulatory Focus

Financial Institutions Update
October 29, 2004

Bank Secrecy Act/Anti-Money Laundering Compliance (BSA/AML) is now a primary focus of bank regulators. This message was reiterated several weeks ago at the American Bankers Association/American Bar Association Money Laundering Enforcement Seminar in Washington, DC. This meeting brought together bank regulators and members of the financial services industry to discuss the current state of regulation of and compliance with the Bank Secrecy Act, including the USA PATRIOT Act and the related anti-money laundering regulations.

During the seminar, representatives of the federal bank regulatory agencies and the Treasury Department discussed a number of trends in the regulation and examination of BSA/AML compliance by banks. There was also a significant amount of discussion relating to the recent enforcement actions announced by the regulatory agencies.

There are a number of key comments of which you should be aware.

  1. BSA/AML compliance is the hottest compliance topic in banking today.

    This is due to the general climate after 9/11 and concern about detecting terrorist financing. The regulatory agencies are under very close scrutiny from Congress in this area. Regulators made it clear that this focus applies to banks of all sizes. All banks should review their BSA/AML compliance programs to ensure that their program meets the new evolving standards.

    The regulatory expectation of the quality of a bank’s BSA/AML compliance program has increased significantly. During examinations, the regulators are looking much more carefully at the details of the BSA/AML compliance programs. Examinations include a review of basic program elements. There is a particular emphasis on the processes in place to detect and report suspicious activity across all of a bank’s lines of business.

    Banks should determine what information their existing system reports can provide to support the detection of unusual activity. They should also ask their system vendors if there are other available reports that could be used for this purpose. Bank personnel should be taught how to identify unusual activity and report it to the proper person or area within the bank to determine if the activity should be reported as suspicious.

  2. An evolving focus of the regulations and the examination process is on the development of risk based compliance programs.

    Regulators are expecting to see and review a bank’s risk assessments in areas including its CIP process and suspicious activity monitoring. Generally, in today’s environment, banks must assess the BSA/AML risk related to its customers’ products and geographies. This is a general trend in compliance programming and something of a shift in emphasis. For banks that have not embraced this process, it is critical to do so immediately.

    As an example of how this issue impacts community banks, if a bank has a location near a college or university campus, its CIP procedures should address how to verify the identity of foreign students and faculty members. Such banks should have a method for evaluating the level of risk presented by such potential customers.

  3. Regulators are expecting the Board of Directors and senior management to understand and support BSA/AML compliance.

    The regulations require board approval of a bank’s BSA/AML compliance program. The regulatory expectation is that this adoption process is more than a once-a-year approval process. Regular substantive reports to the board about the compliance process should be made and recorded in the minutes. The board and senior management should be exposed to the training provided to bank employees.

  4. Banks must deploy sufficient resources to support their BSA/AML compliance efforts.

    The point was made a number of times that the time for doing BSA/AML compliance "on the cheap" has passed. The commitment to provide resources must clearly come from the top of the organization. The resources include personnel and systems, both internal and external. Comprehensive ongoing training must be in place (and is a required element of a BSA/AML compliance program). Banks should investigate what compliance support is available from their system vendors and how such functionality can be used in their compliance program. Banks should also review the number and level of expertise of the personnel assigned to their compliance efforts to determine if they are "resource poor" in this critical area. The establishment of a culture of compliance is critical in establishing a successful program. This can only be created through board of director and senior management buy-in and comprehensive, ongoing training.

  5. Scrutiny of compliance with the sanction programs administered by the Office of Foreign Assets Control (OFAC) is increasing significantly.

    Historically, regulators have done very little to assess bank compliance with the requirements of the sanction programs. Many banks have made the assumption that if they do not have international customers, activities or transactions, they have no OFAC compliance risk. This has never really been true, but the examination exposure has been low since the process did not involve a careful analysis of this compliance function. This is changing. New examination procedures will include a major expansion of the inquiry in this area. Banks need to identify one or more experts responsible for understanding the sanction programs. A review of a bank’s systems and products should take place to determine where OFAC filtering should take place and to identify what activities within the bank’s lines of business present OFAC compliance risk. Banks should review their procedures for dealing with "hits" against the OFAC list to ensure that they are able to differentiate false from actual hits. These procedures should include comparing the additional identifying information on the OFAC list with the information the bank has about the person that triggered the hit to confirm the status of the hit. Finally, the bank must have a process for handling "blocked assets" under the sanction programs.

Each bank should review its BSA/AML compliance program in light of the rapid changes occurring. It is important to understand that these changes will affect banks of all asset sizes. This is not just a large bank issue.


Get practical insights on COVID-19 legal issues for your business.

Visit Resource Center

Media Contact 

If you have a media request or need an attorney with particular knowledge for comment, please contact Kyle Mondy, Marketing & Communications Manager, at 414.287.9481 or


Subscribe today to receive firm newsletters and blogs, client updates, seminar announcements, and more according to your preferences and areas of interest.


For more information on this topic, or to learn how Godfrey & Kahn can help, contact our COVID-19 Response Team.

Disclaimer and Legal Notices

Copyright © 2021 Godfrey & Kahn, S.C.

Attorneys at Law - All rights reserved.


Client Login