Welcome to this special podcast series, Integrity Matters: Exploring the NDAA, sponsored by K2 Integrity. This week I visit with Chip Poncy, Global Co-Head Financial Crimes Risk Management practice and member of K2 Integrity’s Board, and Gail Fuller, Managing Director at K2 Integrity. Over the week, we will break down the changes to the Bank Secrecy Act (BSA) and changes in enforcement authority to Financial Crimes Enforcement Network (FinCEN) which are found in the recently passed National Defense Authorization Act (NDAA). Topics include breaking down the big picture, company formation reform, new opportunities under this new law, coming change to corporate governance under the NDAA and the long view of the new law. In Part 3, I am joined by Gail Fuller to look at some of the opportunities under the new law.
Fuller believes that some of the biggest benefits that are going to be immediately evident coming out of this law are related to information sharing and collaboration. She stated, “There are parts of the law that are targeted at addressing kind of longstanding points of pain for the industry related to information sharing.” Fuller highlighted a couple of key areas. First is in the public-to-private sphere. “One of the things this new law does is make it easier to communicate with the government and make the government’s outreach more proactive by staffing up in liaison functions, both domestically and internationally. “
Fuller believes this will lead to a more active exchange of information. The US government is now going to establish and communicate to the private sector about what its priorities are and what the government identifies as the biggest threats and risks. This is critical to building that foundation of common understanding on which banks can base their risk-based approach, “it gives everyone kind of that common foundation from which to build.” Additional information to the private sector will occur as FinCEN will be required to periodically disclose to each financial institution the actual information on SARs that they filed and which of these SARs filings have been helpful. Here Fuller said, “that’s a huge win and I think that’s going to be a big boon for financial institutions, actually getting that feedback and knowing what’s been helpful, what hasn’t been helpful.”
The second area is a private-to-private sector information sharing under the new law. She related that the bill establishes a pilot program in which covered financial institutions will be able to share information related to SARs within their respective financial groups. This means that for international financial groups, there can be more cross border information sharing related to activity within the financial institution itself. This is important in removing a barrier that financial institutions have struggled with and not been comfortable with in the past.
Another area in the private-to-private sharing is that the bill codifies what was previously a joint supervisory guidance document about sharing compliance resources across private sector institutions. This will assist many smaller financial institutions which do not have the resources to set up their own large compliance function. Now there will be the ability to share compliance resources. Fuller said, this is “an important thing, will make a big difference and provides a real shot of confidence for those financial institutions that want to explore managed service or outsourced compliance models. Those that are dipping their toes in the approach already should really have more confidence to pursue it.”
We next turned to how the new law will act as an innovation incubator for AML programs and the fight combatting terror financing (AML-CFT). Fuller feels like “the NDAA does do a lot to try to push this issue forward.” There has always been a dynamic tension between innovation and regulatory compliance. She believes this was “one of the key reasons we even need BSA modernization in the first place as the current laws and regulations were written at a time where we couldn’t envision the types of technologies that are really available today. Right now, we have a system that’s reactive by design. We’re always talking about following the money and filing reports largely after money has already transcended the financial system.”
However, now there are technologies available such as artificial intelligence (AI) and machine learning. These allow compliance to take a more proactive, preventative approach to protecting the financial sector. She used the following analogy: “are we building a better mouse trap or are we creating a whole new, different disruptive way to trap mice or solve the mass problem?” Financial institutions need “a safe space to experiment with things and test out new ideas.”
While in many ways it can be easier to demonstrate the effectiveness of incremental innovations by comparing it to how the old system worked. However, with many of these innovations, entities are “creating a totally new system or approach and shifting from the reactive to the preventive, it’s really challenging to compare the two approaches and prove effectiveness in the same way.” The NDAA helps get at this issue by mandating an examination of whether and to what extent traditional AML model validation and model risk governance processes should even apply to AML-CFT.
Join us tomorrow as we continue our podcast series by visiting with Chip Poncy on changes in governance brought about by the new law.
For more information go to the K2 Integrity website.
For more information on the Dedicated Online Financial Integrity Network (DOLFIN) click here.