BSA/AML MRAs – Serious Business but a Potential Opportunity

Recently, the Financial Crimes Enforcement Network (FinCen) imposed a $75,000 penalty on Colorado money services business, Aurora Sunmart Inc., and its owner and General Manager, Jamal Awad, for violating Bank Secrecy Act (BSA) requirements.

FinCen asserted that Aurora and Awad “willfully violated” the BSA’s registration, program and reporting requirements and also did not have an effective, written anti-money laundering program. Aurora had been cited for multiple violations in numerous Matters Requiring Attention (MRAs) on its past three BSA/AML examinations. “All financial institutions – large and small – must take their obligation to protect the U.S. financial system seriously,” said FinCEN Director Jennifer Shasky Calvery. “They cannot just go through the motions, as Aurora did, and hope things turn out all right.” MRAs must be addressed comprehensively and in a timely manner.

In the fourth quarter of 2014, the Office of the Comptroller of the Currency (OCC) issued guidance that revamped the terms under which it will issue and enforce MRAs and indicated that it will be focusing on MRA Compliance. Due to this revision, examiners will be quicker to issue formal enforcement actions against banks that fail to take “timely and effective corrective action” required by MRAs in their previous exams. James F. Vivenzio, Senior Counsel for Bank Secrecy Act/AML for the OCC, has advised that in light of this policy-shift, institutions should work closely with their examiners when they encounter a BSA/AML compliance issue in order to show that they are serious about fixing the problem. Something Aurora Sunmart clearly did not do.

MRAs are a critical part of the regulatory examination process that call for proactive steps from all financial institutions, whether they are a money services business, such as Aurora Sunmart, a mortgage lender, a trust company or a bank. Importantly, not only do they require comprehensive and timely action with regulators that specifically address the MRAs, but they also place management and boards of these institutions on notice of other important potential risk issues. If these issues are not properly addressed, they can create additional damaging exposure, as exemplified by Awad and Aurora.

While dealing with the formalities of any enforcement action can be challenging and may require extra time and resources, the effort and end result can be very beneficial and create opportunity not only for the subject under scrutiny, but for all financial institutions. In the past, examinees were often provided “recommendations” they were expected to follow, as opposed to formal MRAs that require structured, comprehensive, and timely action. With the shift in MRA policy, all issues identified during exams are now being included in the Report of Examination (ROE). This record of the success, or lack thereof, surrounding how institutions respond to the MRAs issued to them, can provide opportunities for improving internal compliance processes and relationships with examiners, as well as clarity and direction for other institutions for staying on track.