Sunday, May 20, 2012
[ – ] Text Size [ + ] | Print Page
Home > Bank Resources > Bank Resources Publications > SRC Insights > 2011 > Fourth Quarter
SRC Insights: Fourth Quarter 2011
From the Examiner's Desk: Suspicious Activity Monitoring in the Lending Function
Suspicious activity detection and monitoring at financial institutions should be an enterprise-wide process that considers the entire customer relationship. Institutions of any size and complexity can achieve a strong, customer-focused suspicious activity monitoring function by thinking broadly when opening new accounts and monitoring existing accounts. A common oversight at many institutions often includes some of the bank's most basic products and services. While an institution may have a sound process to identify and monitor potentially suspicious activities in deposit account products, formal processes may not exist for the institution's loan accounts. Monitoring a customer's entire relationship can give bankers greater perspective on the legitimacy and legality of a customer's business and transactions, especially when it comes to the lending function.
Risk Controls
A financial institution's Bank Secrecy Act/Anti-Money Laundering (BSA/AML) program is based on its risk assessment. Within the risk assessment, management has evaluated the risks inherent in the bank's products and services, customer base, and the geographies that the customers and transactions touch. Then, appropriate internal controls are developed and implemented based on the perceived level of risk. While financial institutions generally implement strong controls regarding deposit accounts, evaluating BSA/AML risks and establishing controls within the lending function have proven more difficult.
Conceptually, several deposit and loan account controls are similar. The customer acceptance process begins with the customer identification program (CIP),1 which sets forth the information that must be collected and verified in accordance with law. The bank should also obtain sufficient information to develop an understanding of a customer's normal and expected activities. At the time of the account opening, the customer's risk should be assessed, and due diligence should be performed based on the perceived level of risk associated with the customer or transaction. Both of these controls are critically important for deposit and loan accounts.
Often, due diligence happens naturally during the loan underwriting process. However, it has been noted that the level of due diligence that is performed for guarantors, signatories, principals, and other loan participants can vary, as CIP compliance may not be required for these parties. If a customer is deemed to be high risk, enhanced due diligence procedures are expected to be performed, just as they would be expected for deposit account relationships. Additionally, one of the most important key controls is the bank's BSA/AML training program that provides for role-specific training and educates bank personnel on the types of activity that are deemed suspicious.
| Controls | Deposit Accounts | Loan Accounts |
|---|---|---|
| Customer Identification Program | ✓ | ✓ |
| Customer Due Diligence | ✓ | ✓ |
| High-Risk Account Monitoring | ✓ | ✓ |
| Training | ✓ | ✓ |
While loans secured by cash collateral and/or marketable securities are typically considered lower risk credits, they can easily be used to hide illegal monies or to obscure the purpose of funds. This is not the only way loans are used to launder money, but this is one of the most common methods. The fact is, any loan can be used to launder money, but understanding the red flags and educating personnel on how to evaluate and monitor loan customers can help to mitigate BSA/AML risk.
Due Diligence Techniques
As mentioned previously, an institution's BSA/AML program should incorporate a comprehensive customer due diligence program. The program's objectives are to enable the institution to know its customer and predict anomalies in customer behavior. The risk-based program should clearly communicate management's expectations and staff responsibilities at account opening. Some simple due diligence techniques could be employed to help personnel understand the customer risk, including the following:
- Review deposit account activity. As simple as it sounds, evaluating a borrower's deposit account activity can provide perspective on the nature of the borrower's transactions and the potential riskiness of the relationship with the borrower.
- Evaluate income relative to the size of cash collateral or cash investment by the borrower. This common-sense approach will help to evaluate the transaction's reasonableness.
- Verify the source of any cash collateral or cash investment. If the source of funds cannot be verified or substantiated, AML risks may be present.
- Understand the true loan purpose. If the borrower specifically requests a loan and offers cash as collateral, understand why the borrower prefers this loan structure. Lending personnel should ensure that the stated purpose of the loan makes sense and is consistent with the borrower's background, business, or former businesses.
- Perform Internet searches. Basic Internet searches can often produce important information that the institution may not otherwise know.
- Conduct due diligence on related parties. High-risk transactions should always require enhanced due diligence that includes all parties to the loan. Understanding all of the individuals and/or businesses involved in the transaction will help to mitigate BSA/AML risk.
In addition to these due diligence techniques, certain situations should raise suspicion when evaluating loan requests, such as the following:
- The loan(s) is to a person(s) located outside the United States.
- The collateral is located outside the United States.
- Multiple collateral transfers have occurred over a short period of time.
- The type of business is considered inherently high risk for money laundering.
Banking institutions are required to identify suspicious activity and submit suspicious activity reports (SARs). Heavy fines and reputational risk could threaten an institution that does not fully comply, particularly if it is publicly learned that money laundering or terrorist financing was undetected. However, it is not only the due diligence at account opening that is important; the ongoing monitoring of higher-risk loan accounts will help to mitigate the bank's exposure to loss and AML risk.
Best practices for monitoring loans accounts may include, but are not limited to, the following:
- Review all account relationship activity. Remember that it is important to monitor the entire borrower relationship. If the customer has other accounts at the institution, much can be learned about the flow of funds and the legitimacy of transactions.
- Evaluate the loan purpose vs. loan funds usage. Consider whether the loan funds are being used consistently with the borrower's stated loan purpose. If they are not, it could indicate fraud or BSA/AML risk.
- Investigate loan payments made with cash. Consider whether it makes sense for the borrower to make cash payments on the loan. This might be expected for some cash businesses, but cash is generally an unusual method of payment for many loan types, particularly commercial credits.
- Investigate loan payments made by a third party. If the loan payments are being made by a person or entity that does not appear to be related to the borrower, it could be considered suspicious.
- Scrutinize early or sizeable loan payoffs. Evaluate the reasonableness of payoffs, especially if they are unexpected or completed by companies under duress and absent take-out financing.
Ensuring a Seamless Process
Knowing all of the controls, due diligence techniques, and red flags is not necessarily enough to ensure that an institution is effectively monitoring for and reporting on suspicious activity in the lending function. A control breakdown commonly noted by examiners is ineffective or inefficient reporting of suspicious activity by loan personnel. Not only should loan staff be educated about what to look for, but they should be equally educated on how to report suspicious activity within the institution. This helps to ensure a seamless process that will eventually result in either documentation of rationale supporting why certain activities are not suspicious or the filing of a SAR.
For more information about BSA/AML compliance, please visit www.ffiec.gov 
(the FFIEC's BSA/AML Infobase) or contact Manager Adina A. Himes at (215) 574-6443.
- 1 The full text of the USA Patriot Act of 2001 is available online.
The views expressed in this article are those of the author and are not necessarily those of this Reserve Bank or the Federal Reserve System.
In This Issue
Supervision Spotlight on the Evolution of Community Bank Supervision in a Post-Crisis World
From the Examiner's Desk: Suspicious Activity Monitoring in the Lending Function
Incentive Compensation: Proposed Guidance to Help Equalize the Risks and Rewards
DFA Today: The Dodd-Frank Act Keeps Rolling Along
Complete Issue
(794 KB, 20 pages)
Contact Us
Federal Reserve Bank
of Philadelphia
Supervision, Regulation & Credit
Ten Independence Mall
Philadelphia, PA 19106-1574
FEDERAL RESERVE BANK OF PHILADELPHIA . TEN INDEPENDENCE MALL . PHILADELPHIA, PA 19106-1574 . TEL: (215) 574-6000
Research & Data | Education | Consumer Credit & Payments | Bank Resources | Community Development | Newsroom | Careers | Publications
About the Fed | Contact | FAQs | Feeds 
| Site Map | Terms of Use | Privacy Policy | Web Feedback 
| PDF Reader | Home
Copyright 2012. All rights reserved. Links with the orange box icon () go to pages outside of the Federal Reserve Bank of Philadelphia’s website.