WolfPAC Integrated Risk Management Blog

BSA Software is not Enough: Expectations and Best Practices for Effective BSA Software Use

| Author
Wolf & Company, P.C.

The Bank Secrecy Act (BSA), and associated Anti-Money Laundering laws (AML), has heightened the pressure from regulators to have a system in place to detect and mitigate money laundering activities within the institution. With BSA software in place it may be tempting to assume your compliance requirement has been met, but simply using the software is not going to automatically solve your problems. As BSA software use increases, it is imperative that organizations understand the software as only one piece of the BSA program needed. Here are a few benefits, risks, and best practices that will help you get your arms around your BSA software situation.

Benefits and Risks

Automated BSA software has a number of benefits for the institution’s BSA compliance program. It gives your institution the opportunity to more easily and completely identify suspicious activity, as well as streamline processes like risk ratings and due diligence. BSA software also reduces the use of manual logging and the subsequent data entry, which minimizes the opportunity for the mistakes that go hand in hand with human involvement. Lastly, it will provide more detailed records, ensuring nothing pertinent is left out of the reports.

As with any technology, there will also be risks. Examiners tend to hold institutions utilizing BSA software to a higher standard. There is also the potential increase in false positives if the software is not properly configured. Having too many false positives takes more time for the people who are reviewing alerts, and can become a resource burden on your institution. Increased costs for the licensing, training and validation is another potential pitfall.

Best Practices

BSA software is never going to be perfectly configured out of the box. Having too many false positives means wasting time checking irrelevant transactions. Conversely, having lax alert criteria offers the potential for real issues to pass unnoticed. It is integral to the success of the software that it be tailored to your specific institution. Your BSA risk assessment is a great tool to assist in establishing those parameters within the software to suit the transaction habits that make your institution unique.

It is also important to be reviewing reports and alerts generated by the software in a timely manner. If you find too much time is needed to review reports, it may be that the configuration is too conservative, leading to a large number of false positives.

Remember: your financial institution is ultimately responsible for compliance. If you aren’t meeting regulatory requirements, you won’t be able to point to your vendor as the culprit; it’s your job to be sure you have everything in place. In this case your BSA risk assessment will also be integral in keeping you focused on what you need, and how the BSA software will fit into your plan.

Interested in more information about BSA software, and how it fits into your larger risk management plan? Here’s an article written by another of our experts:

Banking Technology Connections: Using Automated Systems to Meet BSA/AML & OFAC Requirements

TOPICS: BSA Bank Secrecy Act Regulatory Compliance Compliance Risk Assessment

Subscribe To The WolfPAC Blog

Get WolfPAC’s latest articles straight to your inbox. Enter your information below.