Financial Crime Risk Assessments
Conducting a comprehensive risk assessment is a key aspect of an effective compliance program. FTI Consulting works with traditional and non-traditional financial institutions to develop risk assessments that shape strong Anti-Financial Crime Compliance Programs capable of withstanding regulatory scrutiny.
We work with clients so that their risk assessments are properly tailored, capture the key inherent risks (e.g., products, services, customers, and geographic locations) and evaluate the mitigating controls (e.g., policies, procedures, training, and staffing) to measure and monitor the residual risks your financial institution faces.
Recent regulatory developments in the financial services industry include:
- The U.S. Treasury Financial Crime Enforcement Network (FinCEN) listed eight priorities in the Anti-Money Laundering Act of 2020 that all covered institutions should incorporate into their risk-based AML compliance program. Additionally, in September 2020 FinCEN indicated plans to add risk assessments as a regulatory requirement versus its current status of regulatory expectation1,2.
- The Corporate Transparency Act increased reporting requirements on beneficial ownership information that will need to be factored into risk assessments as well as risk appetite statements3.
- The Securities Exchange Commission (SEC) indicated as one of their top priorities they will test the effectiveness of compliance programs to see if institutions have policies and procedures in place that reasonably identify suspicious activity and money laundering4.
- The Department of Justice (DOJ) has issued statements indicating that they will begin focusing more on sanctions as well as the effectiveness of compliance programs. The DOJ has also announced the formation of a National Cryptocurrency Enforcement Team5,6.
Non-bank financial institutions including fintech companies, money services businesses (MSBs), cryptocurrency exchanges and other non-traditional financial institutions need to comply with BSA/AML and sanctions regulations. FTI Consulting professionals have the experience and expertise to help any financial institution build out and maintain a risk-based compliance program.
Our risk assessment team experience:
- Former Regulators
- Former Bank Compliance and Operations Executives
- Former Internal and External Financial Institution Auditors
- Certified Anti-Money Laundering Specialists (CAMS)
- Certified Risk Assessment Specialists
Support BSA/AML Risk Assessment
Situation: FTI Consulting was engaged by a Money Services Business applying for money transmitter license in the United States to support its inaugural BSA/AML Risk Assessment.
Our Role: The FTI Consulting team provided the client with advisory services and guidance by reviewing the risk assessment methodology, business strategic plan and risk assessment template. The FTI Consulting team analyzed and calibrated results based on the organization’s risk appetite, generated a risk assessment report outline and provided feedback on the final report
Our Impact: The MSB was able to conduct a comprehensive BSA/AML risk assessment of their business and positioned to attain their money transmitter licenses.
BSA/AML and Sanctions Monitorship
Situation: In conjunction with its settlement with its U.S. regulator, a large European bank engaged FTI Consulting to serve as its Independent Consultant to ensure the terms of the settlement were met.
Our Role: The FTI Consulting team conducted a comprehensive review of the Bank’s current BSA/AML compliance program including the review of the BSA/AML risk assessment and the OFAC/Sanctions risk assessment. FTI Consulting experts conducted walkthroughs and interviews with key personnel, observed Compliance Committee meetings, reviewed key risk documentation (i.e., risk methodologies, risk assessment reports, risk frameworks), reviewed internal audit assessments and provided feedback on regulatory expectations. FTI Consulting professionals provided an assessment of the Bank’s policies, procedures and processes as well as an evaluation of the controls in place. The FTI Consulting team also provided a review of the governance and management oversight of the compliance program.
Our Impact: FTI Consulting experts provided feedback that helped the client perform a well-thought-out risk assessment. The FTI Consulting team issued an independent report for regulatory body that included findings and recommendations. The monitorship was subsequently lifted.
Risk and Compliance Management Analysis for a GSIB
Situation: A global bank under a Consent Order with the Federal Reserve required an independent assessment of its risk and compliance management program as a result of systemic sanctions and embargoes violations.
Our Role: The FTI Consulting team assessed the bank’s approach to risk appetite, risk controls and the fit-for-purpose of key risk indicators, including qualitative and quantitative indicators. FTI Consulting experts were responsible for analyzing the Anti-Financial Crime Risk Type Assessment, reviewing additional supporting documentation including the methodology, conducting walkthroughs with Bank representatives, analyzing sanctions compliance risk raised, and documenting findings.
FTI Consulting professionals assessed the various components of the bank’s sanctions compliance program, including analyses of governance and staffing adequacy, the efficacy of management information reporting and breach remediation tracking, the adequacy of internal controls and internal audit, the performance of the newly-implemented quality assurance program, the comprehensiveness of policies and procedures and the strength of the training program delivered to all levels of the organization. The FTI Consulting team also evaluated the models used for compliance, reviewed the model risk management process and conducted transaction testing to ascertain the comprehensiveness and accuracy of the institution’s alert systems.
Our Impact: FTI Consulting experts identified areas for improvement in several components of the program, enabling the bank to correct its systems, oversight processes and management information capabilities.