What Tools Do You Need for Banking High-Risk Businesses?
Updated: Nov 9, 2022
“Risk” has sometimes been described as the flipside of “opportunity.”
For many community banks and credit unions, risk is not something to fear or to avoid, but instead is an aspect of customer relationships that needs to be understood and skillfully managed.
In recent years, the size of penalties levied for failing to properly bank higher-risk businesses has grown. As one of many signs of this trend, effective September 29th, the Financial Industry Regulatory Authority (FINRA) established new penalties for anti-money laundering (AML) violations. Among the changes made by FINRA is the removal of upper limits for certain violations, such as failing to reasonably monitor and report suspicious activity.
A Well-Trained Staff
Not surprisingly, two of the five pillars of an effective BSA/AML compliance program directly relate to how employees are overseen and trained. That’s because skilled employees are an essential tool when it comes to banking higher-risk businesses, and are one of the hardest commodities to find (or create).
The second pillar of a robust compliance program—designating an AML/BSA officer—encompasses far more than simply assigning an individual to wear the AML/BSA officer hat. As noted in an earlier blog post, what examiners are looking for in an AML/BSA officer is someone who has the knowledge and experience to manage a program successfully -- without being stretched to the point where potential problems may go undetected. A BSA/AML officer is the guide for how policies and procedures are implemented, they are a program’s architect and ensure upkeep at a time where requirements change rapidly. But without a well trained team to support them, executing on policies and procedures as designed can be problematic.
This brings us to the third pillar of effective compliance: ongoing and relevant training of employees. As RiskScout discussed in an earlier blog post, there are three specific occasions when revisiting training is considered pivotal: at onboarding, at regularly determined intervals (often annually), and whenever BSA/AML requirements change. It is up to the BSA/AML officer and ultimately the board to ensure training maximizes your staff’s ability to perform their roles in a time efficient and effective manner.
To quote RiskScout’s August 12th blog post, “Aside from the ‘when’ of training, financial institutions must think long and hard about the ‘who’ question, as well. While of course the BSA/AML compliance team must be trained, all employees need familiarity with what’s involved in BSA and AML requirements to try to stop illegal activities from taking place.”
A Sophisticated Risk-Rating Model
In a white paper titled “Flushing out the Money Launderers with Better Customer Risk-Rating Models,” McKinsey maintains that regulators are eager for financial institutions to be imaginative when it comes to combating money laundering.
McKinsey suggests that there are five best practices for banks adopting new customer risk-rating models:
Simplify your model. Too many banks and credit unions place quantity over quality—and not all of the risk factors they’re using help an institution make meaningful distinctions. McKinsey suggests that a more holistic model for assessing risk may be effective.
Improve data quality. McKinsey calls poor data quality “the single biggest contributor to the poor performance of customer risk-rating models.”
Balance out human judgment with statistical analysis. A risk model will require human judgment, but it should also be built on an analysis of high-risk cases, previously identified by regulators and others.
Regularly update customer profiles. Remember that information in a risk profile can quickly become outdated, and relying on customers to update this information is problematic (because they often fail to do so). One tool to keep information up to date is making sure a customer’s behavior is aligned with the information reported. For instance, knowing a customer’s profession doesn’t give a financial institution all that much information; better, says McKinsey, is determining whether the customer’s transactions are in line with the profession that he or she has listed.
Use machine-learning and other tech tools. Tools that can analyze customer inputs are critical for determining the level of risk posed by a given customer.
To read the McKinsey piece, click here.
Enterprise-level solutions—like those offered by RiskScout—are designed to ease the burden of compliance when it comes to banking high-risk businesses.
RiskScout can help with a “compliance check-up,” a necessary first step in designing and implementing a BSA/AML program for those community banks and credit unions that work with higher-risk commercial markets. Knowing where you stand is the first step for mitigating risk.
Finally, a technology provider can provide far more comprehensive help than simply assisting in the onboarding of higher-risk banking customers. Providers can also monitor these relationships over time, making sure that as a business evolves and changes, its risk profile is updated, too, and all regulatory requirements are met. With RiskScout, we aim to ease the process for maintaining accurate and up to date client information, to inform an appropriate risk management strategy. Whatever method you choose to manage your program, ensuring you maintain appropriately scoped and accurate client data gives you the raw materials for success.
Join the Higher Risk Banking Group
This is your private resource group for financial institutions to ask questions, get advice, and learn from experts on providing financial services to higher-risk specialty business markets including: Private ATM, Hemp & CBD, Crypto, MSB, Cannabis (THC), Fintech, and more.