Group of professionals discuss finance

Breaking news and expert analysis on legal and compliance issues

[Back To Home][Back To Archives]

From Banking and Finance Law Daily, December 1, 2015

NYDFS proposes AML transaction monitoring and certification requirements

By John M. Pachkowski, J.D.

New York Governor Andrew M. Cuomo has announced that his administration is proposing a new anti-terrorism and anti-money laundering regulation that would require banking institutions supervised by the New York Department of Financial Services to maintain transaction monitoring and watch list filtering programs (collectively, transaction monitoring and filtering programs) as part of their Bank Secrecy Act/Anti-Money Laundering compliance programs.

In addition to the transaction monitoring and watch filtering programs, a senior officer of each banking institution would be required to certify that the institution’s monitoring and filtering programs are sufficient to “detect, weed out, and prevent illicit transactions.”

Shortcomings. The proposal, which is subject to a 45-day comment period, is the end result of a series of investigations conducted by NYDFS into terrorist financing, sanctions violations, and anti-money laundering compliance at financial institutions.

The proposal noted that “the Department has become aware of the shortcomings in the transaction monitoring and filtering programs of these institutions and that a lack of robust governance, oversight, and accountability at senior levels of these institutions has contributed to these shortcomings.” It continued, “The Department believes that other financial institutions may also have shortcomings in their transaction monitoring programs for monitoring transactions for suspicious activities, and watch list filtering programs, for ‘real-time’ interdiction or stopping of transactions on the basis of watch lists, including OFAC or other sanctions lists, politically exposed persons lists, and internal watch lists.”

Transaction monitoring program. A financial institution will be able to create a transaction monitoring program that is either manual or automated and based on a risk assessment of the institution. In addition, the transaction monitoring program would be required to meet certain minimum attributes. The minimum attributes must:

  • reflect all current BSA/AML laws, regulations and alerts, as well as any relevant information available from the institution’s related programs and initiatives, such as "know your customer due diligence,” "enhanced customer due diligence," or other relevant areas, such as security, investigations, and fraud prevention.
  • map BSA/AML risks to the institution’s businesses, products, services, and customers/counterparties;
  • utilize BSA/AML detection scenarios that are based on the institution’s risk assessment with threshold values and amounts set to detect potential money laundering or other suspicious activities;
  • include an end-to-end, pre- and post-implementation testing of the transaction monitoring program, including governance, data mapping, transaction coding, detection scenario logic, model validation, data input, and program output, as well as periodic testing;
  • include easily understandable documentation that articulates the institution’s current detection scenarios and the underlying assumptions, parameters, and thresholds;
  • include investigative protocols detailing how alerts generated by the transaction monitoring program will be investigated, the process for deciding which alerts will result in a filing or other action, who is responsible for making such a decision, and how the investigative and decision-making process will be documented; and
  • be subject to an ongoing analysis to assess the continued relevancy of the detection scenarios, underlying rules, threshold values, parameters, and assumptions.

Watch list filtering program. A financial institution’s watch list filtering program will be required to interdict transactions, before their execution, that are prohibited by applicable sanctions, including Office of Foreign Assets Control (OFAC) and other sanctions lists, politically exposed persons lists, and internal watch lists.

The watch list filtering program can be either manual or automated, but it must have certain minimum attributes which include:

  • being based on the risk assessment of the institution;
  • being based on technology or tools for matching names and accounts, in each case based on the institution’s particular risks, transaction and product profiles;
  • end-to-end, pre- and post-implementation testing;
  • ongoing analysis to assess the logic and performance of the technology or tools for matching names and accounts, as well as the watch lists and the threshold settings to see if they continue to map to the risks of the institution; and
  • easily understandable documentation that articulates the intent and the design of the program tools or technology.

The proposal would also require that each financial institution’s transaction monitoring and watch list filtering programs:

  • identify all data sources that contain relevant data;
  • validate the integrity, accuracy, and quality of data to ensure that accurate and complete data flow through the transaction monitoring and filtering program;
  • provide data extraction and loading processes that ensure a complete and accurate transfer of data from its source to automated monitoring and filtering systems, if automated systems are used;
  • provide governance and management oversight to ensure that changes are defined, managed, controlled, reported, and audited;
  • establish a vendor selection process if a third-party vendor is used to acquire, install, implement, or test the transaction monitoring and filtering program or any aspect of the program;
  • provide funding to design, implement, and maintain a transaction monitoring and filtering program that complies with the requirements found in the proposal;
  • ensure that qualified personnel or an outside consultant is responsible for the design, planning, implementation, operation, testing, validation, and ongoing analysis of the transaction monitoring and filtering program, including automated systems, if applicable, as well as case management, review, and decision making with respect to generated alerts and potential filing; and
  • provide periodic training of all stakeholders with respect to the transaction monitoring and filtering program.

Finally, the proposal would prohibit any financial institution from making any changes or alterations to its transaction monitoring and filtering program to avoid or minimize filing suspicious activity reports, or because the institution does not have the resources to review the number of alerts, or to otherwise avoid complying with regulatory requirements.

Certification. The proposal’s annual certification provision, which is based on the Sarbanes-Oxley Act, would require a financial institution’s chief compliance officer to vouch for the institution’s compliance obligations. The proposal provides that a “Certifying Senior Officer” who files an incorrect or false Annual Certification may be subject to criminal penalties for such a filing.

Especially vital. Commenting on the proposal, Governor Cuomo noted, "Money is the fuel that feeds the fire of international terrorism. Global terrorist networks simply cannot thrive without moving significant amounts of money throughout the world. At a time of heightened global security concerns, it is especially vital that banks and regulators do everything they can to stop that flow of illicit funds."

MainStory: TopStory BankingOperations BankSecrecyAct NewYorkNews OversightInvestigations PrudentialRegulation StateBankingLaws

Back to Top

Banking and Finance Law Daily

Introducing Wolters Kluwer Banking and Finance Law Daily — a daily reporting service created by attorneys, for attorneys — providing same-day coverage of breaking news, court decisions, legislation, and regulatory activity.

A complete daily report of the news that affects your world

  • View full summaries of federal and state court decisions.
  • Access full text of legislative and regulatory developments.
  • Customize your daily email by topic and/or jurisdiction.
  • Search archives for stories of interest.

Not just news — the right news

  • Get expert analysis written by subject matter specialists—created by attorneys for attorneys.
  • Track law firms and organizations in the headlines with our new “Who’s in the News” feature.
  • Promote your firm with our new reprint policy.

24/7 access for a 24/7 world

  • Forward information with special copyright permissions, encouraging collaboration between counsel and colleagues.
  • Save time with mobile apps for your BlackBerry, iPhone, iPad, Android, or Kindle.
  • Access all links from any mobile device without being prompted for user name and password.