Ready Or Not?

Navigating the DFS 504 rule

Institutions supervised by the New York Department of Financial Services (NYDFS) face a big hurdle in April as they submit for the first time under the new DFS 504 rule to certify that their BSA/AML transaction monitoring and OFAC sanctions screening programs are up to scratch. The new rule imposes a much higher level of rigor, and the annual submission exposes boards of directors and senior officers to a heightened risk of personal liability, in addition to the very sizeable fines that non-compliant institutions may face.

This is a big exercise and it is critical to get it right. Keys to success include: demonstrating that the core AML transaction monitoring and sanctions screening capabilities are fit for purpose, positioning and effectively communicating the program to the regulator, and ensuring that senior management and key personnel are sufficiently well-informed and educated.

It’s also important to ensure the first certification process fits well into the institution’s longer-term strategic response. After months of preparation, institutions face several immediate and medium term concerns as the first filing date approaches. Three key questions that firms should be asking are:

A. Are we well positioned to achieve compliance by April 2018?
B. What are the key competencies we must demonstrate?
C. How do we best position and plan for beyond the April 2018 submission?

Given the principles-based nature of the rule, there is no one-size-fits-all approach. However, there are common threads applicable across institutions. In the immediate term, banks must carefully navigate how to demonstrate compliance while acknowledging continuing enhancement efforts; this includes consideration of the full suite of activities across the BSA/ AML and OFAC programs. Looking forward, banks have the opportunity to leverage tactical enhancements undertaken as part of the regulatory response to establish longer term, strategic capabilities.

Ready Or Not?

Navigating The DFS 504 Rule