VIDEO: Incorporating FinCEN Priorities into Risk Assessment
In this Compliance Clip, Adam discusses the importance of integrating FinCEN's national priorities into financial institutions' BSA/AML/CFT risk assessments, highlighting recent proposals from FinCEN and regulatory agencies aimed at updating compliance requirements. Adam provides ways on how financial institutions can proactively incorporate these priorities into their risk assessments.
This topic is taken from our latest BSA program, the BSA Annual Update (Fall 2024).
Video Transcript
The following is a transcript of this video.
This Compliance Clip is going to talk about incorporating the FinCEN priorities into your BSA/AML/CFT risk assessment. This is a topic that I just covered in our BSA Annual Update Program, and I figured I would share it with all of you as a Compliance Clip because this is an important topic that every financial institution is going to have to consider as part of their BSA/AML program.
This topic really goes back to the main issuances, these were proposals. The first being a proposal on June 28, 2024, from FinCEN, and then the second following a few weeks later on July 19, 2024, from the regulatory agencies, the OCC, Federal Reserve Board, FDIC, and NCUA. What these proposals have done is they're planning to issue a rulemaking to update the requirements for supervised financial institutions to establish, implement, and maintain effective, risk-based, and reasonably designed anti-money laundering and countering the financing of terrorism programs.
Now, all financial institutions have a BSA/AML/CFT program, but this rule will have some nuances. One of those nuances is it's going to require supervised institutions to identify, evaluate, and document the regulated institution's money laundering, terrorist financing, and other illicit financing activity risks. This includes incorporating FinCEN's national priorities into your risk assessment. In other words, FinCEN's proposal and the regulators’ proposal say that when this rule becomes final, they're proposing that you're going to have to update your risk assessment to incorporate the list of priorities that have been published and identified by FinCEN.
This is something that FinCEN has to now do by law. They've done it for a couple of years. As of the time of this recording, which is the Fall of 2024, those priorities were last updated in, I believe, 2020. So, they've been around for a bit of time. However, these priorities could be updated on a regular basis, and what we need to do is to eventually incorporate these into our risk assessments. Now, again, at the time of this recording, this is a proposed rule, but this is going to be finalized and so, for financial institutions, it's a good idea to proactively consider implementing FinCEN's priorities into your risk assessment.
How would you do that?
I see a couple of ways to do that. The first way would be to just add the priorities in the different areas of your risk assessment, wherever it fits appropriately. You could just integrate wherever those go. The other option is to sort of add the parties as an “addendum.” Now, it's not going to be any less valuable to be an addendum, but logistically, it might provide some help for you. Because if I'm incorporating the FinCEN priorities, I want it to serve a couple of functions.
Number one, I want it to be easy for examiners to find. Examiners are already requesting that financial institutions incorporate FinCEN's priorities into the risk assessment. So if they're looking for these specific priorities, they've got a list of the priorities and they're trying to check that list off. So why not put the priorities in the same order as how FinCEN has published them in a place that's easy to find for examiners and easy for them to check the box that they're looking for to ensure that you have, in fact, incorporated them. So that's the first thing.
The second thing is to make it easy to update the priorities. These FinCEN priorities are going to be changed and updated by FinCEN on a regular basis. So if you've incorporated them throughout your risk assessment in different areas, you're going to have to remember where they were and how to change them. But if you put them all in one place, sort of as an addendum, it's going to be much easier to find them and update them when that time comes.
Now, also I like having them all in an addendum, because this would allow your financial institution to understand the risk compared to FinCEN's priorities. You could specifically look at your risk as it compares to the priorities of FinCEN.
Now, of course, the way you integrate this into your financial institution is going to be based on the size and complexity of your organization. So smaller financial institutions, it may make a lot of sense to just have an addendum, maybe a separate spreadsheet tab or a separate section in a word document, however you've created your risk assessment, to just put a whole new section in just for the FinCEN priorities. Now, for larger institutions that are more integrated, it may make sense for you to actually integrate these parties into your risk assessment, into the applicable areas that it applies, and maybe it's multiple areas, depending on the size and complexity of your organization, as well as your risk assessment.
So the bottom line is to be proactive. it makes sense to start considering how we can incorporate FinCEN's priorities into the risk assessments that we have for our BSA/AML/CFT programs.
Now, this again was a topic we covered in our BSA Annual Update Program. If you'd like to learn more and take deep dives into BSA, our BSA Annual Update Program is one that can do that, and that is available in our store at compliancecohort.com /store.
That's all I have for you today