Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy,  Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which recently passed a National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 1, I am joined by Chip Poncy who breaks down the big picture of changes under the NDAA.

We began with a look at the evolution of anti-money laundering (AML) over the past 20 years, starting with 9/11, when we as a country recognized the value of financial information and financial disruption to terrorist organizations in particular but really a broad threat of threats to our national security. Based on that recognition, we strengthened, we expanded substantially the BSA through the implementation of the USA Patriot Act. This broadened the BSA to cover most segments of our financial system through strengthening, setting expectations from each of those segments and the formation of AML programs, particularly reporting and record keeping requirements. That is the starting point.

Company formation reform might be the most important requirement for additional information reporting and information sharing that would inform implementation of a risk-based approach. This has been at the heart of the debate around implementation challenges to BSA. For the past 20 years the US system of governance, with respect to BSA, as with most areas of governance and the financial system, relies on a risk-based approach in which financial institutions really are responsible for understanding and managing risks associated with money laundering and ilicit finance on a continuous basis. Companies are judged in terms of the effectiveness of meeting those requirements by examiners, regulators and law enforcement on a continual basis. That’s hard to do if you’re operating with different types of information, with different kinds of expectations  in a highly dynamic and evolving financial system and threat environment.

We then moved to the changes brought about by the new Act. Poncy said, “a host of new reporting requirements and information sharing that allows our financial system, our financial institutions, our regulators and law enforcement to better understand what a risk-based approach actually means in terms of the risks that we worry about and the prioritization of those risks.” From there, you need to consider how those risks are covered and translated into examination and supervision, and expectations. Ultimately how those priorities and risks inform AML programs that are implemented by our financial institutions.

When then turned to increased enforcement power for FinCEN. Poncy believes that FinCEN is “definitely a beneficiary of this new act. They have additional authority, but they also have additional accountability under the Act. FinCEN has done historically and strengthens and codifies some of their preexisting work and expands upon.” There are statutory requirements for FinCEN to establish liaisons, both domestically with federal functional regulators and internationally with a counterpart for financial intelligence units and other financial centers. Further, codification of “resourcing and reporting around requirements will strengthen FinCEN efforts on threat reporting that FinCEN has done historically.” This includes the “Suspicious Activity Reports (SARs) that are now required on at least a semi-annual basis and then a series of reviews of the utility of BSA that should work to help FinCEN rationalize what reporting requirements it is focused on and help the industry understand which information is most valuable to protecting our financial system safeguard national security and assisting law enforcement.”

We concluded with a discussion of the new risk management opportunities and obligations. Poncy noted that we talked about the risk-based approach and how our system of governance of the BSA is really grounded in this approach. Yet there was no specific requirements for financial institutions to conduct risk assessments. That said, it is now a requirement going forward to conduct these risk assessments on an institutional basis. This will help inform and align what risks financial institutions should be looking for based on expectations from law enforcement and the national security community.

Join us tomorrow as we examine the changes in company formation.

For more information go to the K2 Integrity website.

For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.