Wednesday, March 17, 2010

Anti-Money Laundering is not rocket science

As Wells Fargo's Wachovia Bank continues its negotiations with the Justice Department over allegations of money laundering three years ago, it makes me wonder why the bank's anti-money laundering (AML) controls were so weak. In general, there is no rocket science in the AML rules, so poor operation of the controls would appear to me to show a lack of interest in supporting the rules. In fact, many corporate compliance rules are not technically difficult to handle, once you get your head around them, so failures of AML or many control related regulations are a bad sign. The complexity in AML generally comes from the mass of requirements, rather than the complex nature of any one requirement:


According to a Bobsguide article, highlighting how Wells Fargo acquired responsibility through buying Wachovia in 2008 :

This predates the acquisition of the business by Wells Fargo at the end of 2008.

One of the bank’s units is believed to have processed money transfers from exchange houses in Mexico, thought to be from drug traffickers in the country
[...]
In a statement the bank said: “We look forward to resolving this issue, and are committed to maintaining compliant and effective anti-money-laundering policies and practices, and a strong compliance and risk management culture across the integrated organization.”

The failures suggest that Wachovia possibly suffered poor executive governance and lack of internal audit of its compliance program. Otherwise it seems unlikely that a high profile requirement would have just been allowed to fail so miserably. The rules, as I said previously, are not that difficult. Like all compliance programs, they require a recognition from the highest levels in the organization that they must be attended to, since the complexity with many of the rules is the drain on resources. Everything takes time:
  • Understanding the impact of new rules
  • Keeping up to date on changes to the rules
  • Implementing the controls and compliance program in general
  • Training & certifying employees on manual controls and some common-sense requirements
  • Testing and auditing controls and programs
  • Reporting performance
  • Remediation of issues
Yes, there is a lot to do, and this is not a different list from the requirements on any public company, exposed to Sarbanes Oxley regulation, or the raft of other locally governing financial authority's regulations. For this reason, Wachovia had no excuse not to comply, and it seems to be a sign that they were a failing organization that they chose not to.


A post from the Improving It blog

Let us help you improve your business today. Visit www.consected.com

No comments: