This is a big exercise and it is critical to get it right. Keys to success include: demonstrating that the core AML transaction monitoring and sanctions screening capabilities are fit for purpose, positioning and effectively communicating the program to the regulator, and ensuring that senior management and key personnel are sufficiently well-informed and educated.
It’s also important to ensure the first certification process fits well into the institution’s longer-term strategic response. After months of preparation, institutions face several immediate and medium term concerns as the first filing date approaches. Three key questions that firms should be asking are:
A. Are we well positioned to achieve compliance by April 2018?
B. What are the key competencies we must demonstrate?
C. How do we best position and plan for beyond the April 2018 submission?
Given the principles-based nature of the rule, there is no one-size-fits-all approach. However, there are common threads applicable across institutions. In the immediate term, banks must carefully navigate how to demonstrate compliance while acknowledging continuing enhancement efforts; this includes consideration of the full suite of activities across the BSA/ AML and OFAC programs. Looking forward, banks have the opportunity to leverage tactical enhancements undertaken as part of the regulatory response to establish longer term, strategic capabilities.