Anti-Money Laundering
You Can’t Afford the Risks
Audit | Tax | Advisory | Risk | Performance
The Unique Alternative to the Big Four ®
The Risks Associated With AML/BSA Compliance Are Just Too Great to Ignore Continued increases in regulatory scrutiny and rigorous enforcement have turned compliance with the U.S. and global sanctions and anti-money laundering (AML) regimes into a front-burner issue for providers of financial services. The Bank Secrecy Act (BSA), USA PATRIOT Act, laws relating to the Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury, European Union Anti-Money Laundering Directives, Wolfsberg Principles, and guidance from the Financial Action Task Force comprise a subset of the laws and regulatory guidance governing the global AML environment. These regulations and guidelines require businesses to be vigilant in identifying and reporting suspected money laundering, terrorist financing, and other criminal activities.
Anti-Money Laundering: You Can’t Afford the Risks
Congressional investigators and law enforcement have turned up the heat, calling on regulators to look more closely for compelling evidence of good governance, effective model risk management, strong business processes and controls, and robust program documentation, and to recommend immediate corrective actions where programs fail – more often than not, at considerable one-time and recurring costs. Crowe Horwath LLP can help you create a risk-based AML program tailored to your specific needs in today’s complex environment. From large global banks and broker-dealer organizations to credit unions and community banks; from gaming and casino operations to money transmitters and money services businesses; from startup financial technology companies to established payment processors and other financial services companies; Crowe services draw on years of experience and thought leadership to create customized and scalable solutions for all types and sizes of financial services companies and institutions. The risks of noncompliance are substantial: ■■ Reputation risk ■■ Regulatory compliance risk ■■ A broad range of operational and strategic risks ■■ High-value customer risk ■■ Earnings and performance risk With compliance requirements and expectations stemming from unique risk profiles, meeting evolving AML requirements has become a complex exercise involving a moving target. As businesses struggle to comply, regulatory requirements and expectations pose another challenge: how to meet compliance obligations without damaging customer relations or impeding business growth and innovation.
Addressing AML Compliance Requirements Offers Significant Benefits ■■ Demonstrated commitment to protecting the global financial system ■■ Reduced risk of reputation damage from regulatory action and negative publicity ■■ Increased protection of corporate and shareholder value and goodwill ■■ Proactive human and technology resource planning on AML initiatives rather than regulator-driven compliance projects ■■ Cost-effective compliance with AML laws, regulations, and regulatory expectations ■■ Effective decision-making and risk management through AML analytics Leading providers of financial services are also looking at the impact of an AML program on competition and customer relationships, viewing AML compliance as an opportunity to expand their knowledge of customers and deliver a higher level of service.
www.crowehorwath.com
3
Crowe Horwath LLP
Crowe® CLAMP®: Our AML Operating Model for Regulated Financial Services Companies The Crowe Closed-Loop Anti-Money Laundering Program (Crowe CLAMP) operating model allows financial services companies to achieve a high level of capability maturity in nine AML areas and is designed to verify that each area interacts with the others to provide appropriate and ongoing feedback. Our model includes:
1. A Strong Enterprise Foundation
3. Demonstrated Execution
5. Activity Monitoring
Surrounding an organization’s AML
Every AML program must demonstrate
The goal of AML activity monitoring
program is an enterprise foundation that
the ability to execute on the plan and the
is to identify potentially suspicious or
determines an organization’s ability to
designed organizational components.
prohibited customer activity through
respond to changes in both the busi-
An AML risk assessment produces
high-quality alerts with minimal false
ness and regulatory environments. The
a risk profile based on products,
positives. Meaningful transaction analysis
foundation consists of four components:
geography, and customer and account
requires leveraging rules-based, profiling,
corporate governance/enterprise risk
characteristics, resulting in a guide
or machine learning technologies, as
management, model risk management
for organizational priorities. Effective
well as advanced analytics. Transaction
and model governance, independent
internal controls demonstrate a history of
monitoring systems must consider your
audit, and the ability to establish effective
adequate and sound responses to areas
organization’s unique risk profile and inte-
policies that have been approved by
in need of attention. Staffing and training
grate with CDD to most effectively detect
the board.
take place at all levels of the organization,
unusual and suspicious activity. Structured
especially at those with responsibility for
analysis, tracking, and follow-up are
the AML program. Models and systems
required in order to properly manage each
relied upon for AML compliance must be
potential suspicious incident.
2. Principal Capabilities Four principal capabilities serve as the backbone of an organization’s AML program: an enterprisewide compliance risk assessment weighs the risk of legal
calibrated and validated to ensure their accuracy and effectiveness.
6. Investigations and Reporting Suspicious activity, regardless of its
or regulatory sanctions, financial loss,
4. Customer Due Diligence
origin, requires detailed investigation and
or damage to reputation and franchise
The goal of customer due diligence
documentation by qualified individuals.
value; comprehensive processes guide
(CDD) is to identify, screen, and manage
Requests for investigations may be
the development, implementation, and
the organization’s new and existing
initiated through the organization’s CDD
use of models for AML compliance;
customers that present a higher risk
efforts, its sanctions screening, activity
effective monitoring and self-testing of
for money laundering and terrorist
monitoring systems, and its fraud detec-
AML controls by the AML group prepares
financing. CDD provides the mechanism
tion processes, or externally via Section
the organization for review by indepen-
to implement the due diligence and
314 of the USA PATRIOT Act or other
dent audit; and written procedures reflect
sanctions screening processes required
avenues. Unusual activity deemed to be
the institution’s current AML program.
for every customer and the enhanced due
suspicious is reported to law enforcement
diligence processes required for those
on a Suspicious Activity Report (SAR).
who pose a higher risk.
4
Anti-Money Laundering: You Can’t Afford the Risks
“CLAMP” and the CLAMP AML framework diagram are protected intellectual property of Crowe Horwath LLP.
7. Single Customer View
9. Program Management
This is an organization’s ability to dem-
8. Data and Document Management
onstrate that it understands its customer
The Customer Identification Program
project and regulatory relationship
information and has properly associated
and other mandates require documents
management. Organizations should
and linked relationships within a line of
and history be maintained for five years.
demonstrate an ability to plan, organize,
business as well as across subsidiaries.
Backups and archives must be set up to
and manage AML projects through a
The convergence of expected and actual
allow retrieval in an organized and timely
program office. Furthermore, projects
risk requires that an organization not only
manner. Audit trails track data and enable
must be consistently executed on time
understand who the customer is, but
document capture to assist with informa-
and on budget to create regulator confi-
also what he or she is doing. A robust
tion and document warehousing, which,
dence in an institution’s ability to deliver
single customer view will help drive use
in turn, help improve management and
on what is promised.
of advanced analytics to further manage
operational reporting as well as compli-
AML risk and increase program efficiency.
ance and litigation support.
www.crowehorwath.com
Effective program management includes
5
Crowe Horwath LLP
Crowe Offers a Comprehensive Closed-Loop AML Solution Crowe brings together an integrated team of financial services industry professionals specializing in the areas of: ■■ Regulatory compliance ■■ Enterprise risk management ■■ Business process management ■■ Customer experience management ■■ Technology systems integration and implementation Our unique combination of in-depth industry knowledge, broad-based business competencies, and the Crowe CLAMP operating model offer our clients a comprehensive, closed-loop AML solution. Our solutions are configurable: they can be implemented holistically for organizations with high regulatory expectations or as point solutions targeting specific areas of need for organizations with specific regulatory requirements.
6
Anti-Money Laundering: You Can’t Afford the Risks
AML Solutions to Match Your Risk Profile Our team of AML specialists can help you create a risk-based AML compliance program tailored to your organization’s specific needs. Because there is no such thing as a one-size-fits-all program, Crowe AML solutions are customized to your organization based on risk profile, business model, size, location, customer base, corporate culture, delivery channels, products, and service offerings.
Crowe AML/BSA Services and Solutions At Crowe, we view AML compliance as a continual process of vigilance grounded in a proactive system that raises red flags when significant changes, variances, and contradictions occur. Our AML solutions can be implemented as a comprehensive compliance program or customized to focus on specific challenges.
Model Risk Management
Financial institutions are required to adapt their existing AML risk management programs to the most current industry and regulatory standards. Crowe has an established model risk management methodology and framework that help organizations meet regulatory expectations. These services include: ■■ Identifying and managing the AML model inventory ■■ Assessing AML model risks ■■ Developing and implementing AML models and systems ■■ Validating models relied upon for AML compliance ■■ Calibrating or optimizing AML system parameters ■■ Establishing governance and oversight for the model risk management program
AML Analytics and Reporting
Enhanced analytics and statistical techniques are necessary to effectively analyze and calibrate AML models to provide accurate customer risk rating, transaction monitoring, and sanctions screening capabilities. Other critical components of a strong AML program include data warehousing, integration, and governance, as well as effective data visualization and dashboards to provide management with enhanced visibility. Crowe services include: ■■ Defining AML analytics programs ■■ Establishing program KPIs and KRIs ■■ Calibrating AML system parameters ■■ Designing and developing management reporting capabilities
www.crowehorwath.com
7
Crowe Horwath LLP
Regulatory Response and Remediation
Crowe has extensive experience working with regulators to help institutions address examiner concerns and offers a broad array of AML-specific services for institutions facing enforcement actions. These services include credible and respected: ■■ Independent third-party monitoring services ■■ AML look-back reviews ■■ Independent AML audit services ■■ Financial investigation services for either ongoing support or special assignments Crowe also has extensive experience helping institutions with exam preparation and management and maintaining compliance with OFAC requirements and other global trade and economic sanctions.
AML Program Enhancement Services
As part of its broad AML program enhancement services, Crowe frequently is called upon to provide program oversight and compliance integration services in addition to specific enterprise risk assessment efforts. Crowe services include: ■■ Enterprisewide compliance, BSA/AML, and OFAC risk assessments ■■ Formulation of policies, procedures, and program standards ■■ AML program assessment and future-state road map documentation ■■ Formation and optimization of financial intelligence units ■■ Convergence of financial crimes programs ■■ Merger and acquisition management ■■ Ongoing advisory services and thought leadership ■■ Business-as-usual support and optimization ■■ Annual and ongoing BSA/AML training
Customer Due Diligence
Know-your-customer, CDD, and accurate customer risk rating capabilities are essential components of an effective AML program. Crowe offers in-depth knowledge and technological expertise in helping institutions: ■■ Establish enhanced due diligence processes and procedures ■■ Support business-as-usual EDD reviews ■■ Design and develop customer risk rating models ■■ Implement CDD and single-customer-view systems ■■ Design and execute calibration for customer risk rating models ■■ Validate CDD and customer risk rating models
8
Anti-Money Laundering: You Can’t Afford the Risks
Suspicious Activity Monitoring
Crowe offers ongoing support in the design, development, and implementation of transaction monitoring systems as well as system assessment and enhancement engagements and pre- and post-implementation calibration and validation. Services include: ■■ Alert triage to support business-as-usual processes ■■ Designing, developing, and implementing suspicious activity monitoring models ■■ Designing and executing calibration for suspicious activity models ■■ Validating suspicious activity models
Investigations and Reporting
Along with supporting regulatory mandated look-backs, Crowe provides suspicious activity monitoring, enhanced due diligence, and sanctions alert review services. Crowe brings experienced investigators to support business-as-usual processes and also assists with the optimization of AML compliance operations teams and investigations units.
Data Management
As BSA/AML programs increase their reliance on technology for effective and efficient compliance, data management and quality grow in importance. Crowe provides services to assist with: ■■ Mapping and integrating data sources to AML systems ■■ Assessing data quality and completeness ■■ Developing data management strategies ■■ Leveraging data visualization tools to support AML compliance and reporting
Technology
Through collaboration with clients and extensive experience, Crowe has developed technology solutions that support and bring efficiency to AML program components. This technology includes: ■■ Crowe Model Risk Manager – assists institutions with supporting an end-to-end model risk management program ■■ Crowe Dynamic Customer Insight – facilitates the collection of customer information, evaluation of customer risk rating, and execution of enhanced due diligence and high-risk customer reviews ■■ Crowe Caliber – assists institutions in calibrating their transaction monitoring systems and the associated parameters, adding efficiency to the tuning process ■■ Crowe Activity Review System® (CARS®) – leverages dynamic questioning and automated narrative generation to significantly reduce the amount of effort required to review suspicious activity alerts
www.crowehorwath.com
9
Crowe Horwath LLP
10
Anti-Money Laundering: You Can’t Afford the Risks
Crowe Horwath LLP: The Unique Alternative® Crowe Horwath LLP (www.crowehorwath.com) is one of the largest public accounting, consulting, and technology firms in the United States. Under its core purpose of “Building Value with Values,®” Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. With offices coast to coast and 3,000 personnel, Crowe is recognized by many organizations as one of the country’s best places to work. Crowe serves clients worldwide as an independent member of Crowe Horwath International, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 120 countries around the world.
www.crowehorwath.com
11
Contact Information Vicky Ludema +1 800 599 2304
[email protected]
www.crowehorwath.com/AML When printed by Crowe Horwath LLP, this piece is printed on Mohawk Color Copy Premium, which is manufactured entirely with Green-e certified wind-generated electricity. ®
Crowe Horwath LLP is an independent member of Crowe Horwath International, a Swiss verein. Each member firm of Crowe Horwath International is a separate and independent legal entity. Crowe Horwath LLP and its affiliates are not responsible or liable for any acts or omissions of Crowe Horwath International or any other member of Crowe Horwath International and specifically disclaim any and all responsibility or liability for acts or omissions of Crowe Horwath International or any other Crowe Horwath International member. Accountancy services in Kansas and North Carolina are rendered by Crowe Chizek LLP, which is not a member of Crowe Horwath International. © 2015 Crowe Horwath LLP RISK-16001-011A