“Steps and missteps.” That’s how one friend of mine recently described her career in a joking way. As accurate as that brutal assessment was, it hit home with me on my own path. I thought about her comments and how succinctly that describes so many things in work and life. Even in our banks. Even in our compliance programs. About how important it is to assess and make adjustments as needed.
I have not failed. I’ve just found 10,000 ways that didn’t work. ~ Thomas Edison
Missteps or outright mistakes do not always equal failure. Especially if you can demonstrate that progress toward a positive outcome is being made. Missteps can help us along the path of our growth both professionally and personally. If, that is, they are identified and addressed in a timely fashion.
One recently announced fine of a bank for not addressing their own AML program missteps comes to mind: U.S. Bank was fined for fundamental lack of staffing and monitoring in their BSA/AML program, and the bank’s intent to hide this fact from their regulators.
For about five years, senior bank employees tried to balance their security system’s constant alerts about suspicious customer activity against internal staffing limitations, the authorities said. In a late-2009 memo, court documents show, U.S. Bank’s anti-money-laundering officer warned the chief compliance officer that employees responsible for investigating the alerts were “stretched dangerously thin.”
How does this kind of misstep happen in the United States’ fifth-largest bank?
I believe it’s found in their inability to adjust the program as they went along. This is critical to any good AML compliance program. Identify and address those missteps.
Measurement. Assessment. Adjustment. Repeat.
This type of accountability can only happen if the financial institution has a true and pervasive culture of compliance. This can’t be the BSA officer’s campaign alone. How is a culture of compliance achieved? Many articles have been written addressing this topic, but two key points that relate to this (from the FINCEN advisory on promoting a culture of compliance from 2014) have a huge impact on this particular scenario:
- Compliance should not be compromised by revenue interests
- Leadership should provide adequate human and technological resources
If these two of FINCEN’s six critical recommendations had been followed, U.S. Bank employees responsible for AML investigations would have received the support they needed to manage their alerts effectively. Instead, the bank has a hefty fine and reputational risk to deal with going forward.
Sometimes the perception of executive management, and even the BSA officer in larger institutions, is that the investigative staff spends all their time working on false positives rather than “real” alerts that result in a case investigation and/or SAR filings. This begs two questions: Are you dealing with an inordinate amount of false positives? If so, do you have the ability to “tune” your analytics to reduce that number?
This is going to prove critical going forward for mid-tier banks or those in a high scrutiny AML situation. The ability to adjust models and test based on false positives and emerging scenarios or technologies is perhaps the most highly sought-after analytic capability for AML software programs. Understand and identify your AML programs missteps so that you can make changes before they become your bank’s headlines and fines.
- How can you ensure that missteps like the one above won’t be repeated in your bank?
- Engage in an open dialogue with executive level management about staffing or technology limitations facing your AML program.
- Review the work queue and level to which alerts are being worked with your executive management team, so that everyone is aware of how they are managed and to what level they are being reviewed.
- Frequently revisit the AML expectations and risk tolerances of your bank.
- Review and understand the ability of your automation to adjust your models to eliminate wasted time on false positives.
- Find out what works and what doesn’t work for your particular staff and risk tolerances. If something needs to be adjusted, make the modification and reassess. This is a continual process.
Remember: Measurement. Assessment. Adjustment. Repeat. These are key steps to understand what is happening within your AML software solution, as well as in your AML program holistically.
Missteps don’t mean failure. They just help you in finding another path to succeed.