Although financial institutions have been managing BSA operations as per the regulatory requirements, the change in focus to appropriate BSA/AML/OFAC risk assessment has become increasingly important. Regulators look to the organization for insurance and evidence that BSA operations are appropriately performing risk assessments. Appropriate risk assessments are essential in an organization's strategic planning and development, as well as ensuring compliance with laws and regulations.



This Bank Secrecy Act risk assessment seminar will highlight BSA best practices that are being acknowledged and recognized by regulators and examiners and will discuss each risk assessment area. Attendees will learn how to conduct a comprehensive review of their current organization's BSA/AML/OFAC risk assessment.

Learning Objectives:



Key goals of this BSA risk assessment course are:

To review and evaluate policies and procedures for risk assessments

To help identify your organization's risks

To determine your organization's risk threshold based on the organization's strategic plans and business models

To discuss how to conduct a comprehensive review of your organization's BSA/AML/OFAC risk assessment, including

Determining completeness of the risk assessments



Determining the thoroughness of risk assessments



Determining if current risk assessment matrixes are appropriate for your organization

To discuss how to establish risk assessments for your organization, specifically:

BSA risk assessments



AML risk assessments



OFAC risk assessments

To illustrate how to perform the risk assessments

To highlight the need for periodically reviewing risk assessments to determine if they are still relevant, appropriate, and adequate

To discuss implementing a BSA/AML/OFAC risk assessment program at your organization

Who Should Attend:



BSA / AML Officers

Internal Auditors

Staff with Roles and Responsibilities in BSA/AML Management and Oversight

Money Service Business BSA/AML Officers

Corporate Auditors

Risk Managers

Legal Department Personnel

Regulators

Compliance Officers

Agenda:



Day 1



8:30 - 9:00 AM: Registration



9:00 AM: Session Start Time



Welcome and Introductions (30 Minutes)



Understanding the Basics (1 Hour)

Risk Assessment 101

What is a risk?

Risk and your business objectives

Types of risks

Consequences of failing to recognize risks

Lack of risk monitoring implications

Establishing the Importance of Proper Risk Assessing (1 Hour)

Board of Directors and Senior Management Involvement

Implementing a risk assessment which best reflects the organization's goals and objectives

Examples of involvement

Roles and responsibilities

Reviewing and Determining Risks

Who is responsible for determining risks?

How do you know that your risk rating is appropriate?

Establish Appropriate Risk Ratings

Types of risk ratings

Who reviews and approves risk ratings?

Example: risk rating determination spreadsheet

When Risk Ratings Don't Make Sense

Changing risk ratings

Ensuring reasons are documented to support risk ratings

Establishing Risk Matrixes (5 Hours)

BSA Risk Assessments

Definition

Examples

AML Risk Assessments

Definition

Examples

OFAC Risk Assessments

Definition

Examples

Day 2



Compliance Consideration

BSA/AML

The Office of Foreign Assets Controls (OFAC)

Massive Fines for Non-compliance

Examples of How Incorrect Risk Ratings Affect an Organization

Continuous Monitoring

What is Considered Continuous Risk Assessment Monitoring

The Pros and Cons

Making Changes

Establishing a Review Schedule

The Risk Assessment Toolkit

Example Policies

Example Risk Assessment Matrixes

References and Links

