RFI: Extent to Which Model Risk Management Principles Support Compliance With BSA/AML and OFAC Requirements

RFI: Extent to Which Model Risk Management Principles Support Compliance With BSA/AML and OFAC Requirements

The Federal Reserve Board, the Office of the Comptroller of the Currency (OCC), the Federal Deposit Insurance Corporation (FDIC), FinCEN, and the NCUA (collectively, “the agencies”) are seeking information and comment on the extent to which the principles of the Interagency Model Risk Management Guidance (MRMG) support compliance with BSA/AML and OFAC requirements. The Federal Reserve Board and OCC issued this interagency supervisory guidance in 2011, and the FDIC adopted it in 2017. NCUA has not adopted the guidance, and as a result, the MRMG does not apply to credit unions. Even so, many credit unions use validated risk modeling monitoring systems in their BSA/AML and OFAC compliance programs which may be based on the MRMG. The MRMG lays out three principles for modeling: (1) model development, implementation, and use; (2) model validation, and (3) governance, policies and control. The agencies want to understand the role of this guidance in compliance practices and whether additional guidance might increase transparency, effectiveness or efficiency. 

The RFI includes 12 questions for comment, plus several sub-questions specific to suspicious activity reporting (SAR) monitoring. Broadly, some questions for comment include:

  • What works well and what should be changed, with specific detail regarding data, impacts, costs and benefits?
  • What types of models are used to support BSA/ALM and OFAC compliance and what methodologies are technologies are used in those models?\
  • What processes and procedures are used to validate BSA/AML and OFAC models?
  • Do BSA/AML and OFAC models create delays or impediments within the credit union?

 

On June 11th - CUNA submitted comments.  Read the comments --> FinCEN & NCUA