ABRAMS GARFINKEL MARGOLIS BERGSON, LLP
Dynamic Legal Representation for You and Your Business


Compliance Question of the Week:
AML Program — Mandatory Independent Testing


Q: Are both banks and nonbanks required to perform an independent audit of their anti-money laundering ("AML") program? What are the requirements for such audit?

A: Yes, the Bank Secrecy Act ("BSA") requires all residential mortgage lenders and originators to perform an independent review or audit of their AML program. Although the BSA does not specifically set forth the time frame for performing such testing, the Federal Financial Institutions Examination Council ("FFIEC") indicated that sound practice is for an entity to perform an independent audit of its AML program at least every 12-18 months, commensurate with the entity's risk profile.

Testing must be performed by both an independent and qualified party. While this does not mean the audit cannot be performed by an employee, the individual or individuals completing the audit must be fully familiar with AML requirements and cannot be involved in any of the AML functions of the Company. As such, the Company designated AML Officer would be unable to perform the audit. For this reason, many entities engage outside service providers to perform independent audits of their AML program.

Whoever performs the review should report directly to the entity's Board of Directors or Executive Management. Testing should cover all of the entity's activities and the results should be sufficiently detailed to assist the Board of Directors and/or Executive Management in identifying areas of weakness so that improvements may be made and additional controls may be established. Among other items, the Company's written policies and procedures should be reviewed as well as the qualifications of the AML Officer and the Company's training materials and attendance logs.

In recent years, state regulators have commenced examining the AML programs of their supervised entities more closely. In particular, many states now require entities to produce AML policies and procedures, as well as AML risk assessments and independent AML audit results as part of examinations. Failure to maintain these documents can oftentimes result in an adverse finding. Some states also maintain their own money laundering regulations, such as California, Florida, New Jersey, and Texas.

Most recently, on June 30, 2016, New York State’s Department of Financial Services ("NYADFS") issued a final Anti-Terrorism Transaction Monitoring and Filtering Program regulation. The new regulation, which goes into effect January 1, 2017, requires regulated institutions (banks, check cashers and money transmitters) to maintain a Transaction Monitoring Program that monitors transactions for potential BSA/AML violations and Suspicious Activity Reporting. The regulated entities will have to annually submit a board resolution or senior officer compliance finding to the NYSDFS confirming the steps taken to ascertain compliance with this regulation. Nonbank mortgage lenders and originators are not currently covered by this regulation.



New York Attorney Advertising: This email is designed for general information only.
The information presented in this email should not be construed to be formal legal advice nor the
formation of a lawyer/client relationship. Prior results do not guarantee a similar outcome.

© Copyright 2016 by Abrams Garfinkel Margolis Bergson, LLP. All rights reserved.
This email is designed and developed by The Public Relations and Marketing Group.
Facebook Twitter LinkedIn Google+ Youtube AGMB, LLP Website Neil Garfinkel Michael Barone Neil Garfinkel E-Mail Michael Barone E-Mail Marie O' Brien