U.S. Developments
FinCEN and Others Issue Joint Statement on BSA/AML Examinations
The Financial Crimes Enforcement Network (FinCEN) and several other federal banking regulators, including the Federal Deposit Insurance Corporation, National Credit Union Administration, the Office of the Comptroller of the Currency, and the Board of Governors of the Federal Reserve, issued a joint statement on Bank Secrecy Act and Anti-Money Laundering (BSA/AML) examinations of bank compliance programs. The joint statement does not establish new requirements, but rather is an effort to provide additional transparency regarding the risk-based approach these regulators take when conducting their examinations.
The joint statement provides that federal regulators examining bank BSA/AML compliance programs will adjust the scope of their examinations to match a bank’s overall risk profile. The statement lists a number of common practices to determine a bank’s risk profile, including the following:
- Leveraging available information, including the bank’s BSA/AML risk assessment, independent testing or audits, analyses and conclusions from previous examinations, and other information available through the off-site monitoring process or a request letter to the bank;
- Contacting banks between examinations or prior to finalizing the scope of an examination, and;
- Considering the bank’s ability to identify, measure, monitor, and control risks.
The joint statement also notes that this risk-based approach allows regulators to direct more resources to higher-risk areas and fewer to lower-risk areas during examinations.
Utah Becomes Third State to Create Fintech Sandbox
Recently, Utah joined Arizona and Wyoming as states who have created regulatory sandboxes for fintech companies developing innovative financial products or services.
Under the new law, companies that have a physical location in Utah and commit to test only with state residents, can test new products or services without licenses or authorizations traditionally required for up to 24 months. Companies accepted into Utah’s sandbox must provide certain information to the state prior to testing, including how the product or service will be tested and the possible risks to consumers.