As cooperative FIs, CUs are primarily focused on providing affordable financial services to their members. While service to their members is at the core of every Credit Union’s mission, it is not their only obligation.
CUs, as well as banks, are bound by the rules and regulations laid out in the Bank Secrecy Act (BSA), which requires CUs to assist regulatory agencies and bodies in preventing and detecting money laundering and tax evasion. Because the law boosts anti-money laundering (AML) efforts among FIs, it is sometimes referred to as AML/BSA.
While CUs understand their AML/BSA obligations, requirement compliance can be more challenging for some than for others. CUs with a greater amount of financial resources available, such as staff who are versed in AML/BSA compliance, are often more capable of meeting their obligations without spreading themselves too thin.
Regardless of how much strain AML/BSA regulations may put on them, CUs are still obligated to comply with them. This does, however, force CUs to step outside their preferred roles as FIs and instead act as law enforcement agencies, Colleen Kelly, senior federal compliance counsel for the Credit Union National Association (CUNA), told PYMNTS in a recent interview.
Counting Currency Transactions
AML/BSA regulations require FIs to implement customer identification programs (CIPs), or know-your-customer (KYC) checks. KYC requires CUs to perform their due diligence by determining whether members are the individuals they claim to be, regularly testing their controls and reporting all transactions greater than $10,000.
Requirements like these reach into every level of a CU’s operation. Everyone from front-facing staff, to back-end workers, workers in the lending department and even senior management and the board of directors must be well-versed in BSA requirements.
“BSA affects so many departments in FIs,” Kelly said. “We need to make sure every staff member who could be touched by BSA obligations is well-informed and regularly trained.”
According to Kelly, one of the most challenging parts of BSA compliance is staying on top of currency reporting requirements for cash transactions greater than $10,000, as these can trigger suspicious activity reports that require investigation. In the course of fulfilling their BSA obligations, investigators might ultimately determine that the event is not, in fact, suspicious. If this is the case, the CU will not have to file a Suspicious Activity Report (SAR) with the Financial Crimes Enforcement Network (FinCEN).
Even so, she added, determining whether an SAR is warranted can spread CUs thin.
“The investigation [that] determines if [a transaction is] suspicious or not,” she explained, “takes a lot of time, effort and resources.”
Cooperation Among Co-Operatives
While BSA obligations can strain CUs, the market appears to be getting some relief, thanks to a recent development.
In early October, a group of five federal agencies — FinCEN, the Federal Reserve Board, the National Credit Union Administration, the Federal Deposit Insurance Corporation and the Comptroller of the Currency — released a report outlining how CUs and community banks can share resources to keep up with AML efforts and streamline BSA compliance.
The ability to share resources between CUs could help various players remain compliant with BSA without assuming a heavy financial burden. These new rules allow staff with strong knowledge of BSA requirements to visit other CUs to help them improve their operations.
Kelly also pointed out that staff members who perform in-house audits cannot be involved with BSA operations, meaning that in-house BSA officers are unable to perform testing at their own institutions.
“You might be able to have someone from another FI, another CU, who understands BSA come in and let [the CU] know where there might be gaps,” she said.
Kelly added that many CUs have been frustrated that they cannot use their own BSA professionals to audit and test themselves. Therefore, the ability to share resources for BSA compliance is a welcome change. She also noted that the policy is still new, however, and requires further observation to determine if it helps CUs meet their BSA-related obligations.
BSA: ‘A Two-Way Street’
As Kelly described it, remaining in compliance with BSA can be like chasing a “moving target,” since the regulations can change quickly. In addition, staff who are trained in BSA compliance need to be aware of new threats and trends that law enforcement agencies are keeping tabs on.
“We continually get red-flagged,” she said, “if they find new signs [or] new suspicious things we should be looking for.”
As criminals and other bad actors look for new opportunities to infiltrate the U.S. financial system, law enforcement agencies, including Homeland Security and Immigration Customs and Enforcement (ICE), will continue to guard against new threats and provide guidance to FIs. When new threats do emerge, CUs and banks alike will have to update their BSA training to address them.
Kelly noted that law enforcement also expects CUs to report notable trends, including those that can’t necessarily be explained. Reporting unusual activity, even if it’s not necessarily suspicious, could inform law enforcement down the road if it ends up revealing a broader pattern of illegal behavior.
“It’s a two-way street,” she said. “It’s not just that they give us red flags … they also want us to stay on top of things as well, because, as FIs, we can see things before they develop into criminal activity.”
This two-way arrangement makes CUs essential partners for law enforcement when it comes to screening for criminal activity.
“We understand that BSA regulations prevent and combat money laundering, which finances terrorist activities, human trafficking and a lot of [other] atrocities around the world,” she said. “We know how important that is and we want to be part of the solution.”
Kelly realizes the importance of making every effort to meet AML/BSA requirements, but recognizes that those same requirements can take a toll on how CUs fulfill their core mission — providing financial services to their members.
“We are not law enforcement. That’s not our job and not our responsibility,” she said. “It is a struggle [to] try to do both.”
In the end, Kelly hopes that CUs can balance these two, sometimes competing, priorities. For now, however, CUs must continue to remain compliant with all regulations outlined under AML/BSA.