Regulatory Reform and a Sunday Drive
by William Hord
March 14, 2016 12:03 pm
It’s over, regulatory reform is finished and we can get on with the business of running our business, right? Not so fast Speed Racer. Wait a minute you ask? Aren’t we just about complete with implementing Dodd-Frank? Although that is true, unfortunately the stable landscape we thought would come from it is still just as rife with change as it has ever been. It appears Congress is very unlikely to repeal Dodd-Frank and the banking industry will begin to feel pressure from additional reforms related to money laundering, terrorism financing and cyber threats. Combine this with a new vigor to hold executives accountable for their governance failures both personally and sometimes criminally, and the road looks even more concerning.
Cyber Threats On the Information Highway
As cyber threat volume and sophistication grows, so too will the focus from Federal Regulators. Financial institutions will see a greater emphasis on defense against electronic system related attacks. Institutions should prepare in advance and be ready to answer regulators questions as to how frequently they test their cyber security controls and whether their procedures are suitable for their risk. If you haven’t heard of the Cybersecurity Assessment Tool developed and released last year by the Federal Financial Institutions Examination Council (FFIEC) you should. This roadmap goes a long way in helping you prepare for the additional regulatory scrutiny coming your way.
Islamic State Militant Banking Needs
As with any burgeoning criminal enterprise the Islamic State needs banking avenues to launder its proceeds. As such an increase in security related to anti-money laundering (AML) is surely on the horizon. The U.S. Treasury proposed a rule in 2014 requiring financial institutions to take explicit steps to know their customers. The final rule was close to complete in 2015 but the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a cost-benefit analysis in late December that supported issuing a rule. The delay simply means there will be public time to comment on the cost-benefit analysis this year. Regardless of the delay, financial institutions will need to prepare their IT infrastructure to meet the impending requirements and possibly may have to spend substantial sums to be in compliance.
So just as spring is approaching and you thought 2016 was going to be a Sunday drive, just remember to watch out for those compliance potholes. The repair costs can be a killer!