Financial institutions face a growing number of threats from criminals and groups that seek to misuse the U.S. financial system. Drug dealers seek to launder illicit profits, terrorists try to use the financial system to fund future attacks, and cybercriminals look for ways to hack into bank accounts to steal money or private customer information.

The risks are very real, and so are the consequences for financial institutions that fail to have strong AML training as part of their compliance programs to prevent money laundering and other financial abuses.

In July 2015, Banamex USA, a California subsidiary of Citigroup, was fined $140 million by the Federal Deposit Insurance Corporation for failing to settle deficiencies with its AML program. In an online statement at the time, the FDIC cited violations of the Bank Secrecy Act and anti-money laundering laws and regulations, adding the bank “failed to implement an effective BSA/AML compliance program over an extended period of time.” Further, the FDIC found the institution “failed to provide sufficient BSA training and conduct effective independent training.”

Omar Magana, a Senior Compliance Professional with Chartwell Compliance, said cases like these point to potential risks for financial institutions if they don’t have strong AML compliance programs and training. He added it is imperative institutions take the necessary steps to ensure employees are properly trained to detect, report and prevent illegal activity.

Why financial institutions need to invest in AML training

The risks are very real, and so are the consequences for financial institutions that fail to have strong AML training as part of their compliance programs.

Regulatory requirements

One of the biggest risks financial institutions face if they have an inadequate AML compliance program is being in violation of the law, according to Magana. Employees need to be trained on the Bank Secrecy Act, which requires U.S. financial institutions to report large cash transactions and suspicious customer activity that may indicate money laundering, tax
evasion or other criminal activities.

The USA Patriot Act, enacted after the Sept. 11, 2001 terrorist attacks, has added regulatory
requirements for financial institutions aimed at combatting terrorism financing. Magana noted that Section 352 of the Patriot Act requires financial institutions to, at a minimum, meet the
following four requirements in their AML programs:

1. Develop internal policies, procedures and controls;
2. Designate a compliance officer;
3. Implement an ongoing employee training program, and;
4. Complete an independent audit of the program.

Federal agencies such as the FDIC, Office of the Comptroller of the Currency, Consumer Financial Protection Bureau, the Office of Foreign Assets Control, and the Financial Crimes Enforcement Network are responsible for supervising and enforcing these and other federal AML laws and regulations. Many states have their own regulations and laws as well.

Failure by financial institutions to provide adequate AML training to employees potentially could result in enforcement actions and regulatory penalties costing institutions thousands or even millions of dollars.

“The consequences of having untrained staff can lead to regulatory violations and employees lacking the necessary skills to deter the misuse of the financial institution’s products and services,” Magana said.

Other risks

Regulatory fines aren’t the only reason financial institutions should be concerned. Financial institutions are facing new threats from a variety of criminal elements.

“These criminals abuse the financial system for different reasons – terrorists seek to fund attacks, drug cartels launder illicit profits and hackers manipulate accounts to steal money or extort victims for other purposes,” Comptroller of the Currency Thomas J. Curry said during a Sept. 28 speech at the 15th Annual Anti-Money Laundering and Financial Crimes Conference.

Theft or data breaches caused by lax or inadequate policies and procedures also can lead to
litigation from angry customers or cause lasting damage to a financial institution’s public image, according to Magana. “It can have a negative impact on the company’s reputation and potentially lead to the loss of customers,” he said.

Failure by financial institutions to provide adequate AML training to employees potentially could result in enforcement actions and regulatory penalties costing institutions thousands or even millions of dollars.

Benefits of AML training

Magana said there are several benefits to having a strong AML compliance program and training including:

1. Compliance with regulatory requirements. Regulatory compliance is one of the main pillars of an effective AML program. Regulations are constantly changing, so employees need to be well informed of the latest regulations and their responsibilities. Inadequate training can lead to lapses in the reporting of suspicious or illegal activity, which could result in regulatory violations and penalties.
2. Deterring potential unwanted risks across business lines. Training is one of the most effective ways to stress the importance of AML efforts and how to deal, react and deter potential unwanted risks across all business lines. However, it is also important to appropriately customize AML training to the different audiences of the institution. While generic training can help introduce all employees to general AML concepts, key individuals whose jobs carry greater risk should also have customized training focusing on their specific responsibilities to combat wrongdoing. For example, an employee in charge of opening accounts may need specific training on the financial institution’s Customer Identification Program and Know Your Customer procedures.
3. Creating a culture of compliance. All employees need to be familiar with the company’s AML program and be adequately trained to ensure appropriate procedures and practices are followed consistently across the organization. Ongoing training helps to reinforce a company’s AML program to all employees. Institutions should be diligent in emphasizing the importance of training through company newsletters, emails and testing.

Financial institutions also should consider advanced training for employees in key compliance positions. There are well-recognized certifications available for those employees who want to enhance their knowledge of existing laws, regulations and methods to detect and prevent financial crime. Lastly, financial institutions can benefit greatly from an independent review of their BSA/AML/OFAC compliance programs by an outside consultant, which can help identify where deficiencies may exist in employee training.