I was really taken aback by portions of the Comptroller of the Currency's speech today to the annual conference of the Institute of International Bankers.
First, to me, the tone of the Bank Secrecy Act/Anti-Money Laundering (BSA/AML) portion of the speech communicates an undercurrent of apology for the challenges of BSA/AML compliance in our nation's largest banks. As the speech rightly notes, the Bank Secrecy Act was passed in 1970 (that would be almost a half a century ago), beefed up in 1986 (that would be more than a quarter of a century ago) and the USA PATRIOT Act was passed after the 9/11 attacks (over a decade ago). That's plenty of time for mega-banks with their deep pockets, unbridled access to talent, and IT resources to get their BSA/AML compliance right, if their hearts were really in it. Large bank BSA/AML compliance programs should be shining banking industry examples (many are), not sources of national and international concern.
Another bothersome portion was this: "In addition, there’s a significant risk that these activities will migrate to smaller banks and thrifts as larger institutions improve their programs and exit businesses that present elevated levels of risk. Smaller institutions may lack the resources and personnel necessary to successfully manage higher-risk activities, and so they need to be especially vigilant."
Speaking only from examining experience in community banks in South Florida, the reality was that the opposite was frequently true. Community bankers, who had better knowledge of their customers and are assisted by sophisticated BSA/AML compliance software, commonly saw high-risk customers, with unusual and suspicious activity, move their relationships to the large banks. At the large banks, they would then be small fish in a big pond, and therefore less detectable.
Sure, there are community banks that haven't gotten it right, and they rightfully receive appropriate BSA/AML enforcement actions. But BSA/AML compliance has been on the community bank examination front burner for many, many years. Community banks nationwide have devoted extensive resources to BSA/AML compliance. All are expected to do frequent BSA/AML risk assessments, so that bank compliance resources can be aligned with their emerging BSA/AML risks.
I would posit that those community banks in South Florida devote more resources to BSA/AML compliance per dollar of bank assets than any of the mega-banks. It's not uncommon to see banks in South Florida with total assets of $300 - $600 million, that have high BSA/AML risk, to have eight to twelve employees devoted to BSA/AML compliance and suspicious activity reporting. Larger high-risk community banks devote even more.
The old banking industry speech prop of things trickling-down from the rarefied altitudes of Wall Street to the ill-prepared, shoeless provincials in the community banks may command nods and murmurs of agreement from an audience of international bankers at the posh Washington Four Seasons Hotel, but the reality, in this case, may very well be different.
The mutual goal is to get the nefarious actors out of the banking system. Once some of the non-compliant large banks get their acts together, those nefarious actors will find that community bankers are better prepared than ever before. And with all of the entry points to the formal banking system being properly policed, they will need to find other ways to do their dirty business.