By Ed WegenerShare Article
Having an AML Program Isn’t Enough – Are Your Firm’s AML Tools and Procedures Effective?
When FINRA issued its 2022 Report on its Examination and Risk Monitoring Programs, Anti-Money Laundering was listed as an area of focus for upcoming examinations. While AML programs are often listed as regulatory priorities, FINRA highlighted specific aspects of AML programs on which it will be focusing.
One focus area is assessing the tools that firms use to monitor for suspicious activity. A common area where FINRA finds violations are situations where firms are “not using AML reports or systems that accurately and reasonably capture potentially suspicious activity and are free of data integrity issues.” FINRA also highlighted failures to conduct and accurately document AML surveillance reviews, and failures to implement procedures that are reasonably designed to investigate inquiries from clearing firms that concern “red flags” of potentially suspicious activity.
The Bank Secrecy Act requires broker-dealers to report activity where it knows, suspects, or has reason to suspect that the transaction involves funds derived from illegal activity or is intended or conducted to hide or disguise funds or assets derived from illegal activity as part of a plan to violate or evade any federal law or regulation; is designed to evade any requirements set forth in regulations implementing the BSA; has no business purpose or apparent lawful purpose or is not the sort in which the particular customer would normally be expected to engage, and the broker-dealer knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction; or involves use of the broker-dealer to facilitate criminal activity.
FINRA Rule 3310 requires, among other things, that firms design written supervisory procedures that can be reasonably expected to detect and cause the reporting of such suspicious transactions.
Based on its 2022 Report, FINRA will be focusing on the firm’s design and implementation of these procedures, including assessing the tools that firms use to monitor for suspicious activity.
What Should My Firm Be Doing?
Assess procedures for suspicious activity monitoring, the tools used to identify such transactions and the process for following up on flagged transactions. A well-designed AML program lays out clear and effective practices for monitoring for such activity, clearly assigns the responsibility for following up on flagged items and documenting those reviews.
Have a process to test alerting systems to make sure that they capture common red flags and that they are tuned properly.
There are resources that firms can use to identify red flags that their alerting systems should be flagging. FINRA Issued Regulatory Notice 19-18 which provides guidance to Firms regarding suspicious activity monitoring and reporting obligations. In this Notice, FINRA identifies a number of common red flags related to (a) due diligence and interactions with customers, (b) deposits of securities, (c) securities trading, (d) money movements, (e) insurance related activity and (d) other potential red flags. Firms should identify whether these red flags apply to the firm and, if so, ensure that alerts are created to identify them. Additionally, FATF and FinCEN regularly issue lists of AML typologies that firms should use to identify potential red flags for reporting purposes.
Assign the review of alerts to individuals who have the right background and training. During examinations, FINRA will review how alerts were addressed, so it is important that these reviews be well-documented and that the determinations are reasonable.
Regularly review the alerting system to make sure it is working as intended. This includes making sure that thresholds are set so that red flags are identified where appropriate while not creating too many false positives. This can be tricky and needs to be assessed regularly. It is also important to make sure that they data being used is accurate and not corrupted.
Having a well-designed and regularly tested monitoring program is a critical part of an effective AML program. Oyster’s AML experts can assist your firm in designing and testing your programs to help ensure that you pass your regulatory examinations with flying colors.