FinCEN’s Culture of Compliance Advisory: A Strong Message
Cynics can easily dismiss FinCEN’s August 11, 2014 Advisory on Promoting a Culture of Compliance (Here). In fact, FinCEN’s Advisory contains several important messages, which need to be emphasized.
FinCen’s motivation for releasing the Advisory is clear – FinCEN is frustrated by the systemic breakdowns in compliance underscored in recent enforcement actions against financial institutions, including HSBC, BNP Paribas and others. It is apparent to FinCEn that many financial institutions are relying on “paper” compliance programs to satisfy their regulatory requirements with regard to BSA/AML compliance.
FinCen’s Advisory reflects the growing importance of ethics and compliance in every business operation. Financial institutions have been subjected to detailed regulatory compliance requirements and know what the terrain looks like. Unfortunately, financial regulators have been frustrated by financial institutions’ poor level of performance and dedication to compliance.
FinCEN’s Advisory is an attempt to reverse this trend – the importance of the Advisory will be determined by how committed FinCEN is to promoting these important ethics and culture requirements.
FinCEN emphasizes the requirement that senior management embrace the importance of a culture of compliance. FinCEN recognizes that a culture of compliance is more effective than elaborate policies and guidelines that can be circumvented if necessary.
The Advisory provides specific guidance on the importance of compliance even when compliance may come at the expense of additional revenues. This principle was plainly evident when BNP Paribas continued to engage in business with sanctioned-Sudan entities because of the importance of such revenues to BNP Paribas.
FinCEN’s advisory also cites the importance of information sharing within an organization. In this respect, FinCEN noted that relevant information was withheld from BSA/AML compliance staff, and prevented the compliance staff from exercising their responsibilities in the organization.
FinCEN cited specific examples where information sharing should occur: First, that fraud investigators should share information with BSA/AML compliance officers; second, that lawyers should apprise BSA/AML of government subpoenas and other areas of regulatory interest; and third, gaming casinos should share customer profile and marketing data with BSA/AML staff.
In some areas, the FinCEN Advisory did not pave any new ground, but reminded financial institutions that they are obligated to ensure that a BSA/AML compliance program has to have adequate resources and staff to fulfill its compliance obligation, and that a BSA/AML compliance program has to be subjected to independent testing and evaluation.
These two points are fairly obvious but again reflect FinCEN’s view that financial institutions continue to rely on paper compliance programs rather than real and meaningful compliance.
Finally, the FinCEN Advisory emphasizes the importance of reporting obligations and the purpose of such reporting obligations. FinCEN’s outline of reporting purposes is designed to remind financial institutions that their reporting obligations are not just limited to initiating potential enforcement actions but extends to other important purposes, including expansion of existing investigations, promoting international information esxchange, and identify significant relationships, trends and patterns.
The FinCEN Advisory reflects FinCEN’s frustration with financial institutions and their dedication to compliance. Some of the points made in the Advisory are basic and should not have to be made.
FinCen’s audience may not just be traditional financial institutions such as banks but may reflect its intention to expand its enforcement operations against non-traditional financial institutions such as casinos and Money Service Businesses.