Risky Business Should Mid-Size Financial

Institutions Bank High-Risk

Customers?

Katie Foley, CAMS

2 | P a g e

Table of Contents Executive Summary ................................................................................................................................. 3

Introduction ............................................................................................................................................ 4

Definitions ............................................................................................................................................... 4

De-Risking ............................................................................................................................................... 5

System Considerations ............................................................................................................................ 6

Staffing Considerations ............................................................................................................................ 8

Risk versus Reward ................................................................................................................................ 10

Conclusion ............................................................................................................................................. 13

References ............................................................................................................................................ 14

3 | P a g e

Executive Summary In today’s ever changing regulatory environment financial institutions are constantly evaluating risk

and looking for effective and cost efficient ways to mitigate risk. The trend has become so prevalent

that the concept of de-risking has resulted; where some financial institutions have executed mass exit

strategies of certain business relationships to decrease their overall risk and better comply with

changing regulations.

As a result, many of these so called high risk businesses have been left to find alternatives to the

traditional banking system or are attempting to open accounts at small or mid-size financial

institutions. Many times these accounts are being opened in the hopes of flying under the radar.

This migration of sorts creates an interesting opportunity for mid-size financial institutions willing to

take on the operational and regulatory risk of banking these high-risk customers.

Proper planning prior to on boarding high-risk customers can result in mutually beneficial

relationships. Planning should include consideration and evaluation of current monitoring systems

and/or manual processes, staffing considerations such as training and experience level of staff, pricing

considerations, time considerations and regulatory impact.

This paper will explore the unique opportunity this situation provides mid-size financial institutions.

With the appropriate due diligence conducted up front combined with accurate pricing, high-risk

customers can go from risky business to profit generator.

4 | P a g e

Introduction The one constant in the financial industry is change. A shifting economy, regular changes to regulatory

guidance and increasing assessments for non-compliant financial institutions has put risk mitigation

at the top of many financial institutions’ to-do list. The Dow Jones & ACAMS Global Anti-Money

Laundering Survey Results 2016 found that “60 percent of respondents cite increased regulatory

expectations as the greater AML compliance challenge, followed by concerns regarding having enough

properly trained staff. Formal regulatory criticism increased by 4 percent from 2015.”1

In March of 2016 the United States Government Accountability Office issued its Report to

Congressional Requesters regarding Financial Institutions: Fines, Penalties, and Forfeitures for

Violations of Financial Crimes and Sanctions Requirements. The report indicated that “from January

2009 through December 2015, federal agencies assessed about $5.2 billion for BSA violations, $27

million for FCPA violations and about $6.8 billion for violations of U.S. sanctions program

requirements”.2 That works out to an average of approximately $2 billion assessed annually to

financial institutions for program violations. This increasing volume of financial assessments

combined with the ever changing regulatory environment has financial institutions constantly

evaluating risk versus reward and looking for more effective and cost efficient ways to mitigate risk.

As a result of this combination of financial assessments and regulatory changes some high risk

customers are facing an interesting challenge themselves. They are being forced out of larger financial

institutions in what has been widely known in the industry as de-risking. These customers are now

opening accounts at small or mid-size financial institutions either with full disclosure of their intended

activity or more commonly in the hopes of flying under the radar of less sophisticated monitoring

systems. In some cases, these high risk customers have been left to find alternatives to the traditional

banking system altogether.

This convergence provides an interesting opportunity for willing mid-size financial institutions that

are not averse to taking on the risk associated with banking these higher risk customers. The key is

finding the right balance between risk and reward. This paper will explore how that balance can be

achieved through proper planning and due diligence before on boarding.

Definitions Currently, there is not a consensus on the definition of a mid-size financial institution. A paper

published by Heather Gratton, a senior financial analyst at the FDIC, in June of 2004 indicated “The

midsize banking sector is difficult to define. We call “midsize” any banking organization (bank or

thrift holding company, independent bank, and independent thrift) that has aggregate assets of more

than $1 billion, excluding the 25 largest banking organizations”.3

1 http://www.acams.org/2016-aml-challenges-survey-results/ 2 United States Government Accountability Office. “Financial Institutions Fines, Penalties, and Forfeitures for Violations of Financial Crimes and Sanctions Requirements”. Report to Congressional Requesters. 22 Mar. 2016. 3 Gratton, Heather. “Regional and Other Midsize Banks: Recent Trends and Short-Term Prospects”. Future of Banking Study. 1 June 2014.

5 | P a g e

An article published in American Banker in February of 2012 entitled FDIC Seeks New Definition of

Community Bank discussed the FDIC’s efforts to look at more than asset size when defining a

community bank. The paper discussed the traditional cutoff of $1 billion in assets or less to be

considered a community bank but found that many financial institutions in the $10 to $20 billion

dollar range functioned as community banks in all other aspects outside of their asset size.4

Similarly, the Mid-Size Bank Coalition of America defines mid-size financial institutions as having

assets between $10 and $50 billion.5

For the purpose of this paper, mid-size financial institutions will refer to financial institutions with an

asset size of $1 billion to $20 billion.

There are a number of factors used to determine what constitutes a high risk customer and customer

risk ratings are subjective among financial institutions. The FFIEC BSA/AML Examination manual

identifies high risk customers and entities as: 1.) nonresidential aliens and foreign individuals, 2.)

politically exposed persons (PEPs), 3.) embassy, foreign consulate and foreign mission accounts, 4.)

nonbank financial institutions, 5.) professional service providers, 6.) business entities (domestic and

foreign) and 7.) cash intensive businesses.6 The risk these categories of customers pose is quite

different and therefore the mitigation techniques are likewise varied.

The FFIEC BSA/AML Examination manual provides financial institutions a solid framework that

can be used to assist in creating procedures for mitigating the risks these unique customers pose.

Ultimately it is up to each individual financial institution to determine how best to meet these standards

with the organization’s available resources. While larger financial institutions may be more readily

equipped to efficiently bank many or all categories of high-risk customers, small and mid-size financial

institutions may not. Those wishing to begin banking high-risk customers should carefully evaluate

how these customer types could fit into their existing monitoring framework.

De-Risking De-risking has become a hot debate in the financial and regulatory sector as increased regulatory

assessments and changing regulations have forced financial institutions to continuously evaluate risk

exposure. De-risking is not a new concept among financial institutions as many financial institutions

have historically maintained exit strategies for customers who have opened the institution up to

regulatory scrutiny or proven to not be worth the risk of the relationship. However, the recent

convergence of financial assessments and regulatory changes have some financial institutions mass

exiting entire high risk segments or customer bases in an attempt to reduce risk and exposure.

The Dow Jones & ACAMS Global Anti-Money Laundering Survey Results 2016 found that “In 2016,

40 percent of respondents report their companies have exited a full business line or segment of

business in the past 12 months due to perceived regulator risk and/or the organization’s inability to

manage the risk, an increase from 2015. About one-third of respondents claim their companies are

4 Adler, Joe. “FDIC Seeks New Definition of Community Bank”. American Banker. 23 Feb. 2012 5 http://midsizebanks.com/about/ 6 FFIEC BSA/AML Examination Manual Pages 286-324

6 | P a g e

planning to exit and/or are investigating the possibility of exiting a business line or segment in the

next 12 months due to regulatory risk.”7

What’s important to note in the de-risking debate is the point that not all high-risk customers are

created equal. As varied as the list of high-risk customers are the techniques to mitigate the risks they

pose is equally varied. Additionally, within each category of high-risk customers there are varying

degrees of risk. The FFIEC BSA/AML Examination Manual states “An effective risk assessment

should be a composite of multiple factors, and depending upon their circumstances, certain factors

may be given more weight than others…Bank management may tailor these factors based on their

customer base or the geographic locations in which the bank operates. Management should weigh

and evaluate each risk assessment factor to arrive at a risk determination for each customer. A bank’s

due diligence should be commensurate with the level of risk assigned to the MSB customer, after

consideration of these factors.”8 For example, choosing to bank a cash intensive convenience store

which offers check cashing services and maintains one location within the vicinity of the financial

institution would require a lower level of due diligence than a cash intensive convenience store which

offers check cashing services, prepaid cards, international transfer services and maintains multiple

locations across multiple states. This varying degree of risk underscores the importance of knowing

your customer (KYC). Mid-size financial institutions considering on boarding high-risk customers

should evaluate the strength of the institution’s current KYC program to ensure it is commensurate

with the added risks these customer types pose.

While many illegitimate businesses and bad actors exist there are plenty of legitimate high-risk

customers who may be worth the risk and additional due diligence required to bank them. The key is

attempting to decipher between the two prior to on boarding rather than after the account has been

opened. This distinction highlights the need for strong risk rating procedures at account opening to

ensure that customers who meet the definition of high risk are properly identified at account opening

and appropriate due diligence is executed.

Mid-size financial institutions can maximize their profits, when choosing to bank these high-risk

customers, by evaluating the financial institution’s strong suits and creating a niche for themselves

within the market. Focusing on a specific high-risk customer category rather than taking on all types

of high-risk customers can allow mid-size financial institutions to profitably bank these customers in

a more cost efficient manner. Additionally, slowly expanding the varied customer base mid-size

financial institutions bank can allow institutions to learn from their mistakes on a smaller scale and

make adjustments as needed to course correct. An added benefit of slow expansion rather than

explosive growth is a reduced risk of serious regulatory infractions.

System Considerations A primary consideration for mid-size financial institutions looking to bank higher risk customers

should be system considerations. Are the organization’s current automated AML and fraud detection

7 http://www.acams.org/2016-aml-challenges-survey-results/ 8 FFIEC BSA/AML Examination Manual Pages 303-304

7 | P a g e

systems sufficient enough to provide proper mitigation for these higher risk clients or will additional

manual processes have to be implemented to meet regulatory requirements?

Automated systems can provide a cost effective solution for monitoring high risk customers.

Parameters within the system can be adjusted to allow alerts for high-risk customers to trigger at lower

thresholds thus ensuring these customers’ activities will be reviewed on a more frequent basis.

Additionally, many automated systems allow for customer risk ratings which can also be used to

produce alerts at varied thresholds based on a customer’s perceived risk. Many of the FFIEC

guidelines can be accomplished through a combination of utilization of automated alerts and adding

additional steps within the alert review process for these customer types thus eliminating the need for

manual reviews to be completed on a specified basis. The key is ensuring procedures are preserved

in writing and periodically updated as applicable. This provides solid documentation for regulators

which shows the bank’s due diligence efforts and can also be used for quality control purposes when

evaluating alert analyst’s reviews.

Additionally, the possibility of creating targeted alerts or adding rules to existing alert types to identify

specific potentially suspicious situations should be explored. For example, an ATM alert could be

modified to trigger for cash deposit activity between the hours of 1am and 5am. The generation of

an alert with these parameters could signal potential illicit funds being run through a personal or

business account. The specificity of this type of customized alert also reduces the likelihood of a large

volume of false positives as it is identifying a very specific pattern of activity which could identify high-

risk behavior. These more dialed in alerts can assist in identifying potentially risky changes in existing

customers’ patterns of behavior or flag concerning new customer behavior.

Even if customization within an alert system is not feasible, many alert monitoring systems provide

reporting capabilities or the capability to extract transactional data from the system into Excel or other

similar products for analysis. Data can then be sorted, filtered or run through pivot tables to allow

for quick analysis of month over month or year over year activity. Properly trained staff can then

quickly manipulate this data to look for trends or significant changes in customer behaviors.

Maximizing canned reporting or data extracts is an excellent time saver when manual reviews of high-

risk customers are required.

Another consideration when evaluating automated system capabilities is the capability for peer-based

monitoring. Does the system have the capability to produce alerts for high-risk customers whose

activity far exceeds other customers in the same industry? This type of analysis is often even more

useful than looking for anomalies within the customer’s activity as it can highlight outliers to a peer

group. Additionally, it would be very hard to manually recreate this type of information. Not all

systems offer peer-based monitoring so mid-size financial institutions should consider how impactful

this capability or lack of will be for the type of high-risk customers they are considering banking. For

example, a financial institution considering banking PEP’s would be less impacted by the lack of this

capability than a financial institution considering banking Money Service Businesses (MSBs).

If a financial institution does not have an automated system capable of producing the appropriate

alerts, then a manual process would need to be drafted to accomplish the additional required due

diligence. A frequency schedule as well as a template for review would need to be drafted and

maintained to provide consistency in the review process. As noted above, financial institutions

8 | P a g e

requiring a manual process should consider if there is the capability to extract data from any existing

alert monitoring system to try to streamline analysis of account activity. Additionally, the added time

for the manual process should be considered in planning to allow for timely completion and

appropriate staffing levels. Manual reviews can easily fall to the back burner with the steady stream

of alerts generated through automated systems. It is imperative that these reviews be completed within

the guidelines of the procedure created by the financial institution to ensure compliance.

Regardless of how the additional due diligence is completed, either through automated alerts or

manual reviews, the process should be regularly evaluated for both its effectiveness and efficiency.

Completing an analysis of all active, as well as inactive, alert parameters on a periodic basis can clue

management in to the effectiveness of various alert parameters. The analysis should include an

evaluation of the alert to case or alert to SAR ratio. This data can then be evaluated to determine if

an alert type is ineffective, if parameter adjustments are needed or perhaps if additional training of

staff may be in order. Regularly completing this exercise can provide management with invaluable

data which can be used to effectively make decisions regarding the current monitoring system’s

settings and effectiveness. Given the varied alert monitoring systems and the uniqueness of each

combination of alert parameters, thresholds and specific rules there is not a rule of thumb for alert to

case or alert to SAR ratios. It is therefore critical that this data be compared over a specified timeframe

such as month over month or quarter over quarter to create a reasonable baseline that the financial

institution can use for evaluation. This period over period data can then be used to lend clues to

which category the alert falls into. For example, a parameter which has been consistently effective in

the past three quarters at 3.2 percent and drops to 1.1 percent in the most recent quarter could be an

early indicator of a shift in the financial institution’s customer base or activity or could be an indication

that training may be needed to reinforce what things should be evaluated when looking at that specific

alert type. An alert which has never been effective would need to be evaluated for potential parameter

changes or for deactivation.

Additionally, as the number of high-risk customers a financial institution maintains increases,

management should pay attention for critical tipping points where maintaining manual review

processes becomes less cost effective than purchasing software with the appropriate capabilities or

considering the use of consultants. It is critical that management have a strong understanding of

manual review processes and the expected time of completion so they can more readily identify when

this tipping point is approaching. For example, if a manual process that was previously requiring 1.5

full-time employees (FTEs) is now taking 3 FTEs to complete, the number of accounts requiring

manual review may have grown to the point where automation or the use of consultants may be a

more cost effective solution than continuing to hire full-time staff.

Staffing Considerations Staffing considerations are another important aspect to the decision of whether or not to bank high-

risk customers. A strong BSA/AML compliance program starts at the top and should be led by an

experienced BSA Officer. Subsequently, highly trained BSA/AML/Fraud analysts can more

effectively and efficiently evaluate account activity than analysts with less experience. Additionally,

analysts with a higher level of expertise can ultimately save the financial institution time and money

by reducing the risk of loss from missed activity or regulatory violations. When evaluating staffing,

9 | P a g e

financial institutions should consider things such as training options, experience level of current

analysts and compensation expense.

Training of analysts can be completed either internally or externally. Internal training can be achieved

quite cost-effectively by having senior analysts assist in the training of lower level analysts. This can

be accomplished through one-on-one trainings, senior analysts leading specific training on areas in

which they are subject matter experts, etc. Additionally, there are a number of out-of-box training

programs or webinars which can be adapted to provide cost effective training to multiple analysts at

once. Custom training sessions can also be designed by management or senior analysts to expand the

knowledge base of current analysts based on information found through research conducted online

using reference rich websites such as ACAMS, Bankers Online, Bankers Toolbox, etc.

Team huddles are another cost effective way to share information across the department and allow

for collaboration and cross training. In order to maximize effectiveness, huddles should be well

planned with specific topics for conversation and a framework for discussion. Topics should be

distributed in advance along with a stated expectation of participation. This will allow participants

time to properly prepare and actively contribute to the conversation. Additionally, huddles should be

interactive as all levels of analysts have valuable insight based on unique backgrounds and experiences.

A positive team environment can be fostered through the sharing of wins and tips and tricks. Case

studies provide for real life scenarios and outcomes which are easy to connect with and remember.

Senior analyst’s skills and expertise can also be utilized in quality control functions to spot check the

work of lower level analysts. This will help financial institutions ensure consistency, accuracy and

completeness. Leveraging the skills of senior analysts can allow institutions to bank a higher number

of high-risk customer accounts at a lower cost.

When financially feasible, external training such as local seminars and regional conferences can provide

targeted training on specific areas of concern, expand general knowledge, provide invaluable insight,

provide tools and resources that can be brought back and implemented as well as offer networking

opportunities and contacts. External training can also be used as an incentive for high performing

analysts to grow their skills outside of their normal working environment. The information obtained

during these trainings can then be brought back and shared with other members of the department.

Financial institutions may also want to consider having analysts join local trade groups. These groups

can prove invaluable by offering peer groups which can give insight to trends or concerns noted by

other financial institutions in the area. Additionally, many often sponsor local events. Examples of

such groups include local ACAMS chapters, local Bankers Associations, Banking Coalitions with Local

Law Enforcement Agencies, etc.

The experience level of current analysts and potential analysts is also an important consideration.

Analysts with a higher level of expertise can more effectively evaluate the risk of a potential client

saving the financial institution time and reducing the risk of loss from missed activity. Senior analysts

can also more readily identify complex schemes that may go undetected by less experienced analysts.

Financial institutions should evaluate the experience level of their current team prior to onboarding

high-risk customers to determine if the current experience level of staff is commensurate with the

level of activity they will be monitoring for. Improperly trained staff or staff that lack the appropriate

expertise level to effectively analyze the increased risk posed by high-risk customers could be criticized

10 | P a g e

by examiners. Additionally, encouraging existing analysts to obtain certifications such as CAMS shows

the financial institution’s commitment to properly train staff.

Lastly, compensation expense should be considered by financial institutions when deciding whether

to bank high-risk customers. Automated systems can reduce the need for manual reviews by

highlighting potentially suspicious activity but analysts are still needed to review this activity.

Ultimately, the higher the experience level and training of an analyst the higher the compensation

expense the financial institution will incur. This increase in compensation can be offset in part by

properly pricing high-risk customer accounts. Additionally, higher level analysts, especially those with

advanced certifications, are more likely to identify suspicious activity early on which can save the

financial institution from costly assessments or loss due to fraud.

Mid-size financial institutions should also consider non-monetary incentives that could be offered to

higher level analysts such as flex time, additional PTO, opportunities to work from home, sporting

event tickets, etc. Many employees find these alternatives to traditional pay incentives as enticing, or

more enticing, than a straight salary negotiation. A recent article published in HR Today found

“Health insurance and 401(k)s have suddenly become old-school – necessary but not always sufficient

for attracting and retaining top talent, especially young workers who may need more incentive than

their older peers to commit to a company for more than a year or two. That’s why many employers

are adjusting their benefits packages to include a wide array of items that ease the stresses of workers’

day-to-day lives. The goal is to create happier, more stable workforces that are far less likely to be

distracted at the office because of unfinished tasks at home.”9 It can be costly to interview, hire and

train new analysts, especially in smaller markets where there are not a lot of other financial institutions

headquartered, so maintaining high performing alert analysts is a win for both the financial institution

and the analyst.

Risk versus Reward Perhaps the most import consideration for mid-size financial institutions looking to bank high-risk

customers is the concept of risk versus reward. Does the financial compensation received from the

maintenance of these higher risk accounts outweigh the risks associated with banking these customers?

The added strain the additional required due diligence will place on the existing monitoring systems

and staffing needs to be off-set by commensurate pricing. Terry Pesce, head of the global anti-money

laundering practice at KPMG gave the following thoughts on this topic, “Banks are not charities. If

it’s going to cost them more to manage a high-risk client then they’re going to make on the account,

they will probably cut off the customer.”10

Three things mid-size financial institutions should consider when evaluating risk versus reward are:

the time impact the maintenance of these accounts will have on resources and management, pricing

9 Milligan, Susan. “Employee Benefits Get Extreme”. HR Today. 25 Aug. 2016. https://www.shrm.org/hr-today/news/hr-magazine/0916/pages/employee-benefits-get-extreme.aspx 10 Ensign, Rachel Louise. “Banks, Regulators Reach Impasse Over Risky Account Closures”. The Wall Street Journal. 30 Mar. 2015. http://blogs.wsj.com/riskandcompliance/2015/03/30/banks-regulators-reach-impasse-over-risky-account-closures/

11 | P a g e

considerations to determine if the potential fees paid by these customers will offset the added expense

of maintaining the accounts and the potential regulatory impact to the financial institution.

The impact of time spent monitoring, reviewing and maintaining high-risk customers and accounts is

often hard to quantify as it impacts various departments across the financial institution. Additionally,

the true cost of time is not easily calculated as each department impacted would have a different cost

associated with it. The additional due diligence that would need to be completed at account opening

will affect branch personnel productivity times as they work with these clients to complete more

cumbersome account opening procedures. Additionally, the transaction types and volumes of activity

for some high-risk customers, such as cash intensive businesses, will affect branch personnel’s time

efficiency as one teller may be tied up for an extended period of time processing bulk cash deposits,

change orders or completing multiple deposits with high volumes of checks. Other time

considerations for branch personnel would include the need to order and process additional fed

shipments of cash or coin. Retail management may be impacted if branch personnel have questions

at account opening due to the complex nature of the due diligence required and the fact that these

accounts may not be opened at the same frequency as personal or small business accounts. BSA/AML

Fraud staff will be impacted by an increase in automated alerts and the potential need for manual

reviews. These reviews will likely be more extensive and time consuming based on the volume of

activity presented for review and a need to more thoroughly analyze higher risk activity. Other

departments that could be potentially impacted would include risk management, deposit operations,

treasury management, etc.

FATF Recommendations require financial institutions to identify, assess and understand their money

laundering and terrorist financing risks as well as implement measures that are appropriate for the

level of the risks identified.11 While financial institutions can’t eliminate all risks associated with

banking high-risk customers, it is imperative that they put appropriate measures in place to effectively

mitigate risk and identify potentially suspicious activity. The key is to appropriately identify risk so

that measures taken are commensurate with the risk identified. One way mid-size financial institutions

can reduce the amount of time needed to maintain these high risk customer accounts is by properly

completing KYC at account opening and ensuring new customers are appropriately placed into the

correct account type. This should be based on the risk the customer type and account activity dictates.

This will allow for a more efficient use of current resources on the back end and focus the financial

institution’s efforts on truly high-risk activity.

Setting customer expectations upfront can also reduce the risk posed when banking high-risk

customers. Legitimate businesses are generally willing to provide documentation up front to

substantiate their business. High-risk customers not willing to provide this documentation or

questioning the need for it indicates a red flag that should be taken into consideration prior to opening

the account. Documentation obtained at account opening can be used to evaluate account activity

from day one and can be used to more quickly identify potential changes in expected activity. Asking

for the necessary documentation to mitigate risk after an account is opened is often an uphill battle as

the customer has less incentive since the account is already open.

11 http://www.fatf-gafi.org/publications/fatfrecommendations/documents/fatf-recommendations.html

12 | P a g e

Pricing considerations should be examined and designed before a financial institution begins on-

boarding high-risk customers. Due to the nature of high-risk customers’ activity, they pose a higher

risk to the financial institution and as a result will require a higher level of due diligence. Mid-size

financial institutions should complete extensive research including looking at what peer banks are

charging for similar services prior to implementing a pricing structure for these higher risk customers.

Pricing should take into consideration the additional risk, the additional due diligence required, the

need for ongoing monitoring, both automated and manual, and the staffing requirements to manage

the automated alerts, enhanced due diligence and manual reviews. The potential pricing structure

should then be reviewed against the added expense that will be incurred to determine if the pricing

structure will appropriately compensate the bank for the additional work required and risk posed. It

may be necessary to come up with several different pricing structures if multiple high-risk customer

categories are being considered. This can help offset the variation in risk and transaction type/volume.

For example, a financial institution would not want to place a customer who falls into the category of

a PEP in an account with the same fee structure as a customer who falls into the category of a cash

intensive business.

Supplemental income can also be obtained through fee schedules which charge customers a-la-carte

for transactions such as domestic and international wire fees, bulk cash ordering fees, coin processing

fees, sweep services, Positive Pay, etc.

Proper pricing of these accounts from acquisition can turn high-risk accounts into profit generators.

As previously noted, many of these high-risk customers/businesses are unable to find financial

institutions willing to take on this additional risk so they are often willing to pay higher rates and fees

to maintain their accounts. Financial institutions should ensure that their fees are reasonable in

comparison to the additional time and work required to maintain due diligence so that they are not

inadvertently adversely discriminating against these high-risk customers.

Additionally, financial institutions should be mindful that constant evaluation of processes and pricing

are needed to ensure effectiveness, necessity and accuracy over time.

Lastly, mid-size financial institutions should consider the potential regulatory impact these customers

could have on the financial institution. Recent large assessments that have made news included: Mega

International Commercial Bank Co, LTD., New York Branch paying $180 million for AML/BSA

Deficiencies, First National Bank of Omaha, Omaha, Nebraska paying $3 million for violations related

to billing practices and The Goldman Sachs Group, Inc., New York paying $36.3 million for

unauthorized use of confidential supervisory information, etc.12

Mid-size financial institutions should ensure that they have robust CIP, KYC, EDD, BSA/AML and

transaction monitoring processes in place along with written procedures to mitigate the added risks

these customers pose. Having a centralized and comprehensive BSA/AML Compliance Program

which includes written policies and procedures surrounding regulatory requirements and related

topics, products, services, persons and entities can provide needed documentation of the financial

institution’s efforts to comply with regulatory expectations. The FFIEC BSA/AML Examination

Manual provides an excellent framework that can be used when creating this centralized BSA/AML

12 http://www.moneylaundering.com/Calendars/Pages/Enforcements.aspx

13 | P a g e

Compliance Program. It is also important for mid-size financial institutions to remember that once

created this should be a living document that is regularly updated to include changes to products and

services offered, changes in procedures, etc.

Conclusion In conclusion, mid-size financial institutions can create lucrative niches within the market by banking

high-risk customers that align with the institution’s strengths. These niches can provide mutually

beneficial relationships for both the financial institution and the high-risk customer.

Financial institutions that successfully conduct the appropriate due diligence up front, accurately assess

current staffing and system resources and deploy strategic pricing can take potentially high-risk

customers from risky business to profit generators.

14 | P a g e

References

1.) ACAMS & Dow Jones. “Global Anti-Money Laundering Survey Results 2016.”

http://www.acams.org/2016-aml-challenges-survey-results/ Accessed 27 August 2016.

2.) United States Government Accountability Office. “Financial Institutions Fines, Penalties, and

Forfeitures for Violations of Financial Crimes and Sanctions Requirements”. Report to

Congressional Requesters. 22 Mar. 2016.

3.) Gratton, Heather. “Regional and Other Midsize Banks: Recent Trends and Short-Term

Prospects”. Future of Banking Study. 1 June 2014.

4.) Adler, Joe. “FDIC Seeks New Definition of Community Bank”. American Banker. 23 Feb.

2012

5.) MBCA Mid-Size Bank Coalition of America. http://midsizebanks.com/about/ Accessed 19

August 2016.

6.) FFIEC. “Bank Secrecy Act/Anti-Money Laundering Examination Manual” 17 Nov. 2014.

7.) Milligan, Susan. “Employee Benefits Get Extreme”. HR Today. 25 Aug. 2016.

https://www.shrm.org/hr-today/news/hr-magazine/0916/pages/employee-benefits-get-

extreme.aspx

8.) Ensign, Rachel Louise. “Banks, Regulators Reach Impasse Over Risky Account Closures”.

The Wall Street Journal. 30 Mar. 2015.

http://blogs.wsj.com/riskandcompliance/2015/03/30/banks-regulators-reach-impasse-

over-risky-account-closures/

9.) http://www.fatf-gafi.org/publications/fatfrecommendations/documents/fatf-

recommendations.html

10.) http://www.moneylaundering.com/Calendars/Pages/Enforcements.aspx