The Role of Risk Management and Compliance in the Payments System
Regulation of money laundering and terrorist financing, AML/CFT, is globally one of the costliest and most resource-intensive sources of risk management and compliance obligations. The chapter defines money laundering and terrorist financing and examines the regulatory framework that governs these activities and firms’ risk management and compliance systems. The criminalization of this area of financial regulation since 1986 has significantly exacerbated banks’ compliance risk. AML/CFT regulation shares the prescriptive regulatory design characteristic of consumer protection laws. Nevertheless, regulators stress the need for firms to adopt a risk-based approach. The regulation centers around ‘know your customer’, recordkeeping, and reporting to the federal government in which suspicious activity reports and customer due diligence play a key role. It is perhaps in the AML/CFT programs that banks face the greatest challenge in making the necessary risk-return analysis for shareholders. Attracting deposits is critical to a bank’s business model, which relies on low-cost short-term funding, yet the regulation requires rejection of account openings in several instances. Effective AML/CFT compliance imposes high overhead costs. Such a program requires extensive sets of controls, dedicated compliance staff, training, auditing and testing, IT infrastructure, and other related changes in corporate governance systems required to oversee one of the largest business lines of any bank.