The system of national banks and federal thrifts is returning to good condition, not perfect, but good. Balance sheets are stronger, assets are more stable, and earnings are definitely on the rise, particularly in comparison to the depths of the financial crisis in 2009. Bank lending is rising slowly and should improve.
While the general state of the industry has improved, the financial industry faces significant regulatory and operational risks. This requires banks and thrifts to re-examine and improve compliance procedures, protocols and operations. This increase in “operational risk” reflects risks due to failures of people and systems. Operational risks are fast eclipsing credit risks.
The risk of an operational breakdown can have a dramatic impact on regulatory or compliance requirements. For example, if a bank reduces vigilance on the protection of consumer data on its IT system, such a security breakdown can result in a serious data breach and harm to numerous consumers. The company will face serious regulatory and compliance requirements to mitigate the data breach.
Banks also use third parties to help market consumer products or to collect debts. Some of these third parties may engage in deceptive or unfair practices or use illegal collection practices all of which may raise concerns with federal and state regulators.
Banks have to be sensitive to the third parties they engage. Due diligence is not limited to compliance with the law but extends to possible impact on the banks’ reputation.
More and more banks are coming under scrutiny for Bank Secrecy Act and anti-money laundering compliance. Major banks have been identified in headlines as they fall under scrutiny for BSA/AML compliance. Regulators are focusing not just on large banks but mid-size and community banks.
The major areas of focus continue to be on account monitoring, tracking of high-risk customers, bulk cash transactions and monitoring of suspicious activity. Systematic deficiencies in these important areas can lead to major fines and reputational harm.
BSA/AML compliance is difficult because it requires careful examination of large numbers of transactions for suspicious patterns – it is the proverbial needle in a haystack. Criminals are creative, especially when it comes to concealing illegal transactions. New tactics are always being employed and compliance teams have to stay in front of the curve when it comes to criminal tactics.
Banks have to respond to these risks proactively. Controls that may work one day may have to be scrapped and new ones put in place. Management has to commit to focus on key controls and maintain a knowledgeable staff with sufficient resources.
BSA/AML compliance has to evolve in the face of new risks and new tactics. The banking industry can help in identifying these new trends and tactics but it is important for government regulators to communicate with the financial industry about risks and strategies.