The Office of the Comptroller of the Currency’s (OCC) Committee on Bank Supervision (CBS) just released its Bank Supervision Operating Plan for 2018 which outlines the OCC’s supervision priorities for individual national banks, federal savings associations, federal branches, and federal agencies and service providers. For the OCC’s 2018 fiscal year, which begins October 1, 2017 and ends September 30, 2018, the development of supervisory strategies will focus on the following areas:
- Cybersecurity and operational resiliency
- Commercial and retail credit loan underwriting, concentration risk management, and the allowance for loan and lease losses
- Business model sustainability and viability and strategy changes
- Bank Secrecy Act/anti-money laundering (BSA/AML) compliance management
- Change management to address new regulatory requirements
Consistent with this supervisory strategy, examiners will be tasked with determining whether banks have designed and implemented effective BSA/AML and Office of Foreign Assets Controls programs and controls to address continued risks from traditional money laundering schemes, evolving vulnerabilities resulting from the rapid pace of technological change, and emerging payment solutions and terrorist financing. In their examination, examiners will evaluate risk assessment processes, and policies, procedures, and processes to effectively mitigate identified risks and consider the appropriateness of controls for the nature and level of risk present in a banks’ products, services, customers, and geographies and include conducting sufficient customer due diligence and suspicious activity identification and monitoring.
Examiners will also focus on compliance with new regulations and changes to existing regulations, including the Financial Crimes Enforcement Network’s final rule to enhance customer due diligence: Monitoring banks’ progress in meeting the May 11, 2018, implementation deadline for the customer due diligence and beneficial ownership rules. This rule requires that banks identify and verify the identity of the beneficial owners of all “legal entity customers” (other than those that are excluded) at the time a new account is opened (other than accounts that are exempted). Banks may comply either by obtaining the required information on a standard certification form or by any other means that comply with the substantive requirements of this obligation. Banks may rely on the beneficial ownership information supplied by the customer, provided that it has no knowledge of facts that would reasonably call into question the reliability of the information. The identification and verification procedures for beneficial owners are very similar to those for individual customers under a bank’s customer identification program, except that for beneficial owners, a bank may rely on copies of identity documents. Banks are required to maintain records of the beneficial ownership information they obtain, and may rely on another financial institution for the performance of these requirements, in each case to the same extent as under their customer identification program rule.
Because regulatory issues relative to a bank’s BSA/AML compliance program may prove problematic to the implementation of a bank’s strategic plans and given the OCC’s continued supervisory focus on BSA/AML compliance through 2018, now may be a good time to reexamine your compliance programs as examiners will be sure to focus on the effectiveness of this program relative to your risk profile.