FinCEN Issues Advisory on Promoting Culture of Compliance

August 12, 2014 The Financial Crimes Enforcement Network (FinCEN) has issued an advisory to U.S. financial institutions on promoting a strong culture of BSA/AML compliance for senior management. FIN-2014-A007 lays out FinCEN’s view that a financial institution may strengthen its compliance culture by ensuring:

  1. its leadership actively supports and understands compliance efforts

    A financial institution’s leadership, which may include its board of directors, senior and executive management, owners and operators, are responsible for understanding an institution’s responsibilities regarding compliance with the BSA and creating a visible culture of compliance at that institution. This includes receiving periodic BSA/AML training, understanding BSA/AML obligations, allocating sufficient resources, and remaining informed of the state of BSA/AML compliance within the institution.
  1. efforts to manage and mitigate BSA/AML deficiencies and risks are not compromised by revenue interests

    An effective governance structure for an institution should allow for the independent function of the BSA/AML compliance program with the authority to address and mitigate any risks that may arise from an institution’s business line and to file any necessary reports regardless of the revenue generated from the business line.
  1. relevant information from the various departments within the organization is shared with compliance staff to further BSA/AML efforts

    FinCEN notes that in several recent enforcement actions, the institution had relevant BSA/AML information that was not made available to BSA/AML compliance staff. Institutions must ensure that information obtained or held by various departments that may be useful for BSA/AML compliance is shared with compliance staff.
  1. the institution devotes adequate resources to its compliance function

    An effective BSA/AML compliance program must be supported by appropriate staff based on its risk profile. Appropriate technological resources should also be allocated to BSA/AML compliance and institutions with higher risk profiles, including those with substantially higher volumes of activity, may need to utilize automated systems for identifying and monitoring suspicious activity. 
  1. the compliance program is effective by, among other things, ensuring that it is tested by an independent and competent party

    FinCEN’s guidance stresses the importance of independent testing of the compliance program. The party testing the program must be independent, qualified, and unbiased. The independent tester may not have a conflicting business interest that may influence the outcome of the test of the compliance program.
  1. its leadership and staff understand the purpose of its BSA/AML efforts and how its reporting is used

    Finally, FinCEN’s guidance instructs institutions that adherence to the requirements of the BSA/AML regulations should not be strictly for compliance, but rather should be embraced by institutions for the goal of safeguarding the national financial system and enhancing national security. FinCEN urges institutions to educate employees on the purpose of, and role played by, the BSA/AML regime.

For more information on the BSA/AML, contact Also visit for information on the annual Bank Secrecy Act Conference presented by CUNA and NASCUS in partnership.


News Story Archive