Anti-Money Laundering

You Can’t Afford the Risks

Audit  |  Tax  |  Advisory  |  Risk  |  Performance

The Unique Alternative to the Big Four ®

The Risks Associated With AML/BSA Compliance Are Just Too Great to Ignore Continued increases in regulatory scrutiny and rigorous enforcement have turned compliance with the U.S. and global sanctions and anti-money laundering (AML) regimes into a front-burner issue for providers of financial services. The Bank Secrecy Act (BSA), USA PATRIOT Act, laws relating to the Office of Foreign Assets Control (OFAC) of the U.S. Department of the Treasury, European Union Anti-Money Laundering Directives, Wolfsberg Principles, and guidance from the Financial Action Task Force comprise a subset of the laws and regulatory guidance governing the global AML environment. These regulations and guidelines require businesses to be vigilant in identifying and reporting suspected money laundering, terrorist financing, and other criminal activities.

Anti-Money Laundering: You Can’t Afford the Risks

Congressional investigators and law enforcement have turned up the heat, calling on regulators to look more closely for compelling evidence of good governance, effective model risk management, strong business processes and controls, and robust program documentation, and to recommend immediate corrective actions where programs fail – more often than not, at considerable one-time and recurring costs. Crowe Horwath LLP can help you create a risk-based AML program tailored to your specific needs in today’s complex environment. From large global banks and broker-dealer organizations to credit unions and community banks; from gaming and casino operations to money transmitters and money services businesses; from startup financial technology companies to established payment processors and other financial services companies; Crowe services draw on years of experience and thought leadership to create customized and scalable solutions for all types and sizes of financial services companies and institutions. The risks of noncompliance are substantial: ■■ Reputation risk ■■ Regulatory compliance risk ■■ A broad range of operational and strategic risks ■■ High-value customer risk ■■ Earnings and performance risk With compliance requirements and expectations stemming from unique risk profiles, meeting evolving AML requirements has become a complex exercise involving a moving target. As businesses struggle to comply, regulatory requirements and expectations pose another challenge: how to meet compliance obligations without damaging customer relations or impeding business growth and innovation.

Addressing AML Compliance Requirements Offers Significant Benefits ■■ Demonstrated commitment to protecting the global financial system ■■ Reduced risk of reputation damage from regulatory action and negative publicity ■■ Increased protection of corporate and shareholder value and goodwill ■■ Proactive human and technology resource planning on AML initiatives rather than regulator-driven compliance projects ■■ Cost-effective compliance with AML laws, regulations, and regulatory expectations ■■ Effective decision-making and risk management through AML analytics Leading providers of financial services are also looking at the impact of an AML program on competition and customer relationships, viewing AML compliance as an opportunity to expand their knowledge of customers and deliver a higher level of service.

www.crowehorwath.com

3

Crowe Horwath LLP

Crowe® CLAMP®: Our AML Operating Model for Regulated Financial Services Companies The Crowe Closed-Loop Anti-Money Laundering Program (Crowe CLAMP) operating model allows financial services companies to achieve a high level of capability maturity in nine AML areas and is designed to verify that each area interacts with the others to provide appropriate and ongoing feedback. Our model includes:

1. A Strong Enterprise Foundation

3. Demonstrated Execution

5. Activity Monitoring

Surrounding an organization’s AML

Every AML program must demonstrate

The goal of AML activity monitoring

program is an enterprise foundation that

the ability to execute on the plan and the

is to identify potentially suspicious or

determines an organization’s ability to

designed organizational components.

prohibited customer activity through

respond to changes in both the busi-

An AML risk assessment produces

high-quality alerts with minimal false

ness and regulatory environments. The

a risk profile based on products,

positives. Meaningful transaction analysis

foundation consists of four components:

geography, and customer and account

requires leveraging rules-based, profiling,

corporate governance/enterprise risk

characteristics, resulting in a guide

or machine learning technologies, as

management, model risk management

for organizational priorities. Effective

well as advanced analytics. Transaction

and model governance, independent

internal controls demonstrate a history of

monitoring systems must consider your

audit, and the ability to establish effective

adequate and sound responses to areas

organization’s unique risk profile and inte-

policies that have been approved by

in need of attention. Staffing and training

grate with CDD to most effectively detect

the board.

take place at all levels of the organization,

unusual and suspicious activity. Structured

especially at those with responsibility for

analysis, tracking, and follow-up are

the AML program. Models and systems

required in order to properly manage each

relied upon for AML compliance must be

potential suspicious incident.

2. Principal Capabilities Four principal capabilities serve as the backbone of an organization’s AML program: an enterprisewide compliance risk assessment weighs the risk of legal

calibrated and validated to ensure their accuracy and effectiveness.

6. Investigations and Reporting Suspicious activity, regardless of its

or regulatory sanctions, financial loss,

4. Customer Due Diligence

origin, requires detailed investigation and

or damage to reputation and franchise

The goal of customer due diligence

documentation by qualified individuals.

value; comprehensive processes guide

(CDD) is to identify, screen, and manage

Requests for investigations may be

the development, implementation, and

the organization’s new and existing

initiated through the organization’s CDD

use of models for AML compliance;

customers that present a higher risk

efforts, its sanctions screening, activity

effective monitoring and self-testing of

for money laundering and terrorist

monitoring systems, and its fraud detec-

AML controls by the AML group prepares

financing. CDD provides the mechanism

tion processes, or externally via Section

the organization for review by indepen-

to implement the due diligence and

314 of the USA PATRIOT Act or other

dent audit; and written procedures reflect

sanctions screening processes required

avenues. Unusual activity deemed to be

the institution’s current AML program.

for every customer and the enhanced due

suspicious is reported to law enforcement

diligence processes required for those

on a Suspicious Activity Report (SAR).

who pose a higher risk.

4

Anti-Money Laundering: You Can’t Afford the Risks

“CLAMP” and the CLAMP AML framework diagram are protected intellectual property of Crowe Horwath LLP.

7. Single Customer View

9. Program Management

This is an organization’s ability to dem-

8. Data and Document Management

onstrate that it understands its customer

The Customer Identification Program

project and regulatory relationship

information and has properly associated

and other mandates require documents

management. Organizations should

and linked relationships within a line of

and history be maintained for five years.

demonstrate an ability to plan, organize,

business as well as across subsidiaries.

Backups and archives must be set up to

and manage AML projects through a

The convergence of expected and actual

allow retrieval in an organized and timely

program office. Furthermore, projects

risk requires that an organization not only

manner. Audit trails track data and enable

must be consistently executed on time

understand who the customer is, but

document capture to assist with informa-

and on budget to create regulator confi-

also what he or she is doing. A robust

tion and document warehousing, which,

dence in an institution’s ability to deliver

single customer view will help drive use

in turn, help improve management and

on what is promised.

of advanced analytics to further manage

operational reporting as well as compli-

AML risk and increase program efficiency.

ance and litigation support.

www.crowehorwath.com

Effective program management includes

5

Crowe Horwath LLP

Crowe Offers a Comprehensive Closed-Loop AML Solution Crowe brings together an integrated team of financial services industry professionals specializing in the areas of: ■■ Regulatory compliance ■■ Enterprise risk management ■■ Business process management ■■ Customer experience management ■■ Technology systems integration and implementation Our unique combination of in-depth industry knowledge, broad-based business competencies, and the Crowe CLAMP operating model offer our clients a comprehensive, closed-loop AML solution. Our solutions are configurable: they can be implemented holistically for organizations with high regulatory expectations or as point solutions targeting specific areas of need for organizations with specific regulatory requirements.

6

Anti-Money Laundering: You Can’t Afford the Risks

AML Solutions to Match Your Risk Profile Our team of AML specialists can help you create a risk-based AML compliance program tailored to your organization’s specific needs. Because there is no such thing as a one-size-fits-all program, Crowe AML solutions are customized to your organization based on risk profile, business model, size, location, customer base, corporate culture, delivery channels, products, and service offerings.

Crowe AML/BSA Services and Solutions At Crowe, we view AML compliance as a continual process of vigilance grounded in a proactive system that raises red flags when significant changes, variances, and contradictions occur. Our AML solutions can be implemented as a comprehensive compliance program or customized to focus on specific challenges.

Model Risk Management

Financial institutions are required to adapt their existing AML risk management programs to the most current industry and regulatory standards. Crowe has an established model risk management methodology and framework that help organizations meet regulatory expectations. These services include: ■■ Identifying and managing the AML model inventory ■■ Assessing AML model risks ■■ Developing and implementing AML models and systems ■■ Validating models relied upon for AML compliance ■■ Calibrating or optimizing AML system parameters ■■ Establishing governance and oversight for the model risk management program

AML Analytics and Reporting

Enhanced analytics and statistical techniques are necessary to effectively analyze and calibrate AML models to provide accurate customer risk rating, transaction monitoring, and sanctions screening capabilities. Other critical components of a strong AML program include data warehousing, integration, and governance, as well as effective data visualization and dashboards to provide management with enhanced visibility. Crowe services include: ■■ Defining AML analytics programs ■■ Establishing program KPIs and KRIs ■■ Calibrating AML system parameters ■■ Designing and developing management reporting capabilities

www.crowehorwath.com

7

Crowe Horwath LLP

Regulatory Response and Remediation

Crowe has extensive experience working with regulators to help institutions address examiner concerns and offers a broad array of AML-specific services for institutions facing enforcement actions. These services include credible and respected: ■■ Independent third-party monitoring services ■■ AML look-back reviews ■■ Independent AML audit services ■■ Financial investigation services for either ongoing support or special assignments Crowe also has extensive experience helping institutions with exam preparation and management and maintaining compliance with OFAC requirements and other global trade and economic sanctions.

AML Program Enhancement Services

As part of its broad AML program enhancement services, Crowe frequently is called upon to provide program oversight and compliance integration services in addition to specific enterprise risk assessment efforts. Crowe services include: ■■ Enterprisewide compliance, BSA/AML, and OFAC risk assessments ■■ Formulation of policies, procedures, and program standards ■■ AML program assessment and future-state road map documentation ■■ Formation and optimization of financial intelligence units ■■ Convergence of financial crimes programs ■■ Merger and acquisition management ■■ Ongoing advisory services and thought leadership ■■ Business-as-usual support and optimization ■■ Annual and ongoing BSA/AML training

Customer Due Diligence

Know-your-customer, CDD, and accurate customer risk rating capabilities are essential components of an effective AML program. Crowe offers in-depth knowledge and technological expertise in helping institutions: ■■ Establish enhanced due diligence processes and procedures ■■ Support business-as-usual EDD reviews ■■ Design and develop customer risk rating models ■■ Implement CDD and single-customer-view systems ■■ Design and execute calibration for customer risk rating models ■■ Validate CDD and customer risk rating models

8

Anti-Money Laundering: You Can’t Afford the Risks

Suspicious Activity Monitoring

Crowe offers ongoing support in the design, development, and implementation of transaction monitoring systems as well as system assessment and enhancement engagements and pre- and post-implementation calibration and validation. Services include: ■■ Alert triage to support business-as-usual processes ■■ Designing, developing, and implementing suspicious activity monitoring models ■■ Designing and executing calibration for suspicious activity models ■■ Validating suspicious activity models

Investigations and Reporting

Along with supporting regulatory mandated look-backs, Crowe provides suspicious activity monitoring, enhanced due diligence, and sanctions alert review services. Crowe brings experienced investigators to support business-as-usual processes and also assists with the optimization of AML compliance operations teams and investigations units.

Data Management

As BSA/AML programs increase their reliance on technology for effective and efficient compliance, data management and quality grow in importance. Crowe provides services to assist with: ■■ Mapping and integrating data sources to AML systems ■■ Assessing data quality and completeness ■■ Developing data management strategies ■■ Leveraging data visualization tools to support AML compliance and reporting

Technology

Through collaboration with clients and extensive experience, Crowe has developed technology solutions that support and bring efficiency to AML program components. This technology includes: ■■ Crowe Model Risk Manager – assists institutions with supporting an end-to-end model risk management program ■■ Crowe Dynamic Customer Insight – facilitates the collection of customer information, evaluation of customer risk rating, and execution of enhanced due diligence and high-risk customer reviews ■■ Crowe Caliber – assists institutions in calibrating their transaction monitoring systems and the associated parameters, adding efficiency to the tuning process ■■ Crowe Activity Review System® (CARS®) – leverages dynamic questioning and automated narrative generation to significantly reduce the amount of effort required to review suspicious activity alerts

www.crowehorwath.com

9

Crowe Horwath LLP

10

Anti-Money Laundering: You Can’t Afford the Risks

Crowe Horwath LLP: The Unique Alternative® Crowe Horwath LLP (www.crowehorwath.com) is one of the largest public accounting, consulting, and technology firms in the United States. Under its core purpose of “Building Value with Values,®” Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. With offices coast to coast and 3,000 personnel, Crowe is recognized by many organizations as one of the country’s best places to work. Crowe serves clients worldwide as an independent member of Crowe Horwath International, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 120 countries around the world.

www.crowehorwath.com

11

Contact Information Vicky Ludema +1 800 599 2304 [email protected]

www.crowehorwath.com/AML When printed by Crowe Horwath LLP, this piece is printed on Mohawk Color Copy Premium, which is manufactured entirely with Green-e certified wind-generated electricity. ®

Crowe Horwath LLP is an independent member of Crowe Horwath International, a Swiss verein. Each member firm of Crowe Horwath International is a separate and independent legal entity. Crowe Horwath LLP and its affiliates are not responsible or liable for any acts or omissions of Crowe Horwath International or any other member of Crowe Horwath International and specifically disclaim any and all responsibility or liability for acts or omissions of Crowe Horwath International or any other Crowe Horwath International member. Accountancy services in Kansas and North Carolina are rendered by Crowe Chizek LLP, which is not a member of Crowe Horwath International. © 2015 Crowe Horwath LLP RISK-16001-011A