By Carey Rome, founder and CEO of Cypress Resources
In a recent speech at the 2015 Bank Secrecy Act Conference in Las Vegas, Stephanie Brooker, associate director of enforcement at the Financial Crimes Enforcement Network (FinCEN), stressed to bankers how a culture of compliance has prevented scores of international fraud.
“Because of your reporting, we’ve seen patrons using casinos and card clubs to conceal narcotics; to move money in support of international fraud schemes; to launder real estate fraud money; or to transfer money for other illicit purposes,” Brooker said.
And she’s right: While regulatory compliance can be a constant challenge for bankers, it isn’t just useless red tape. It prevents dangerous cartels and terrorist groups from funneling money through U.S. financial institutions and across the globe.
In fact, regulatory compliance can be, if set up correctly, an opportunity to grow. Greater profits lie ahead for banks that approach compliance strategically, aligning their compliance function with growth trajectories. By specifying target customers and divesting unprofitable lines of business, not only can banks insulate themselves from regulatory action, but they can also drive earnings higher while doing so.
Today’s Regulatory Climate
Jennifer Shasky Calvery, director of FinCEN, has signaled an uptick of the regulatory actions of her administration, largely because tech-savvy criminals are finding new ways to launder money.
“Innovation is laudable,” Calvery began, reading from prepared remarks, “but only as long as it does not unreasonably expose our financial system to tech-smart criminals eager to abuse the latest and most complex products.”
Calvery’s administration is cracking down on financial institutions that offer easy targets to financial criminals. In 2014, AML-related enforcement actions totaled more than $350 million. While the number of enforcement actions dropped 11 percent from the previous year, fines totaled nearly seven times as much.
Regulators aren’t taking a one-size-fits-all approach, either. Pursuant to the Dodd-Frank Act, the Consumer Financial Protection Bureau has limited enforcement authority over community banks. For these reasons, community banks aren’t likely to face the full scrutiny that institutions with more than $10 billion in assets face any time soon.
Often, larger institutions offer more complex products to a greater breadth of customers. More diverse product offerings increase risks; it’s natural to assume that the larger the bank, the greater it’s regulatory responsibilities.
A Strategic Approach to Compliance
Although enforcement will be focused on larger institutions, every bank must develop a risk profile based on a risk assessment model that clearly defines the bank’s customers, according to compliance rules through the Bank Secrecy Act/Anti-Money Laundering (BSA/AML).
Via BSA compliance, private financial institutions must act as partners in ensuring the health of the financial system. Former U.S. Treasury Secretary Timothy Geithner called the BSA “a powerful weapon against fraud,” but stressed that it’s a useful tool only when it’s “armed with the valuable information that our private sector partners provide.”
To do their part, banks cannot open their doors to anyone who will give them business. Banking anyone and everyone is risky; for regulators, this strategy is broad, generic, and not credible.
An “everyone and anyone” strategy is akin to issuing loans before checking customers’ credit reports. The risk of such an act would be unthinkable, which is why banks evaluate customers’ credit standings prior to underwriting loans. If an applicant has poor credit, the bank charges a higher interest rate to offset the risk of potential default.
A targeted compliance strategy makes sense for the same reasons. By analyzing risks and being selective about which commercial institutions they serve, banks can improve profitability, stand up to regulatory scrutiny, and avoid the hassles of costly reputational damage.
How to Match Growth With Compliance
Misalignment of your compliance function and growth plan can be avoided. Follow the steps below to develop a strategy that marries the two and deters special attention from regulators:
- Identify your target customer. Defining your target customer base should occur simultaneously with weeding out non-target customers. If, for instance, your bank is based in the southeast where the auto-manufacturing industry is booming, targeting manufacturers as commercial clients makes sense. Aside from providing a readily available pool of business for a southeastern bank, this strategy is the perfect know-your-customer approach; collaboration between front-line bankers and an industry-specific compliance specialist can maximize compliance function efficiency.
- Choose compliance specialists wisely. Construct your BSA/AML compliance team around those target customers — in the previous example, manufacturing. A compliance specialist who knows your client’s industry better than those at competing banks can be an excellent differentiator. A compliance specialist with targeted industry expertise will know exactly how regulatory requirements relate to an industry, provide industry insights to relationship managers, and better understand what types of transactions clients typically conduct.
Multiple analysts without specializations generate more costs in the long term than one specialized analyst who can easily spot inconsistencies in customer behavior. This, in turn, positions you to better identify which entities are falsely posing as your target customers; it also reduces the risk of false alarms.
- Build a compliance team for high-risk accounts. In addition to your compliance function specialists, you should consider forming a separate group to analyze high-risk customers — especially if those customers are outside of your target group.
Why analyze those individuals? The First Bank of Delaware is a classic example. A few years ago, it introduced a new service that allowed debit transactions totaling more than $100 million to process through third-party entities without prior customer authorization. Its board of directors specifically questioned the high-risk activity, but the CEO brushed the warnings aside. Because the bank failed to assign a specific compliance function to this high-risk activity beforehand, it incurred a $15.5 million money-laundering penalty and was acquired by Bryn Mawr Trust.
If you take the time to truly understand the cost of high-risk customers and investments, you’ll often discover they aren’t profitable because of the high costs of oversight and risks of regulatory action. Ultimately, it’s safer and more profitable to stick with industries and lines of business where you have deep expertise in products, services, and compliance.
- Add profitability analysis to your compliance function. When you introduce a new product or want to take on a new client, you should always calculate the cost of compliance against the potential profits to be made. JPMorgan Chase & Co’s new approach— using a combination of human labor and automated systems to spot red flags in transaction patterns — aims to improve compliance efficiency while minimizing the associated costs to drive profitability.After conducting its analyses, JPMorgan announced in February it would forgo $100 billion worth of business by the end of 2015 because it determined the risk of accepting deposits from other financial institutions would not generate enough revenue. Divesting unprofitable business can be as important to growth as gaining profitable customers.
Growing With a Savvy Compliance Strategy
Banks need to think carefully about their compliance functions because regulatory actions can impact their reputations, credibility, bottom lines, and growth. With a more focused compliance function, banks can save overhead costs, pursue customers that will maximize profits, and position themselves at the forefront of regulatory accountability.