Banks are automating their systems to comply with anti-money laundering laws made tougher by presidential directives and the USA Patriot Act, with many institutions facing increasing pressure from regulators and auditors.
One of the areas receiving more attention involves the tracking of non-customer transactions for monetary instruments like money orders, Visa gift cards, and traveler's and cashier's checks. Since manually cross-checking the names of non-customers against various government blacklists is difficult and potentially inaccurate, banks have been working at automating, tracking and logging their processing of these transactions electronically to avoid running afoul of auditors.
While such automated auditing is not explicitly required among regulations, many consider it a de facto mandate because of the confluence and language of various AML rules.
The Treasury Department's Office of Foreign Assets Control, or OFAC, promulgates requirements that bar any person or entity, including U.S. banks, from doing business with any countries or people considered engaged in money laundering or terrorism. OFAC publishes terrorist blacklists and administers trade and economic sanctions based on foreign policy and national security prerogatives.
Additionally, section 314a of the Patriot Act forces banks to search their accounts and submit information to FinCen, Treasury's information-sharing network, regarding suspected entities or persons named in reports it sends out every two weeks to institutions. Banks and other firms must search for matches on accounts maintained over the preceding year by the designated subjects or parties, and find transactions made over the last six months. If there's a match, institutions must place an "X" next to the specific party named and provide contact information.
Miami-based TransAtlantic Bank recently automated its auditing of such non-customer transactions with FAST314(a), a Web-based tool from ERAS JV, LLP, also headquartered in Miami. The system cross-checks the names of both the remitter and payee on monetary exchanges against various blacklists, and creates an audit trail of all searches and matches sent to regulators. Tellers enter names and addresses, and the Explorer-based desktop app records tracking numbers on instruments like traveler's checks.
"Most banks should be screening these instruments," says Jim Bedsole, an assistant director based in the Southeast for Integrated Compliance Solutions, LLC, a Moorestown, NJ-based consultancy. Not only is "the risk higher that you're going to have a violation" on such transactions, Bedsole says, but "it's easier to comply and do the check" because of the lower volumes and manual intervention involved in issuing such monetary instruments.
Auditing of all the payee names on every "regular," customer-written check, for instance, is rarely if ever done, even though it would constitute a violation if a bank cleared a check written to a blacklisted entity.
"[Banks] would have to invest in some type of computer scanning or optical character recognition that would be able to recognize those payees as they're written on the check, and then match them up on some type of automated program," Bedsole says. Thus, the regulatory heat has focused mostly on monetary instruments: "FinCen is cracking down on the FDIC [to make] sure the banks have a method of responding to the FinCen requests," says David Wilson, ERAS' president and founder.
Yet it wasn't an audit at TransAtlantic that led the bank back to ERAS to seek compliance with 314a, according to TransAtlantic's COO Dominic Suzek. The bank had previously installed ERAS' iMonitor, which red-flags suspicious transaction patterns.
Suzek says he made the decision after reading about the $10 million penalty rendered against Birmingham-based AmSouth Bank for failing to fully integrate monetary instrument sales tracking with its 314a response capability.
