Why Won’t Regulators Just Tell Us What They Want?

GUEST BLOGGER

Daniel Tannebaum, CFE
Head of Compliance - Americas, Travelex and Chief Compliance Officer, Travelex Currency Services Inc.
New York, NY

When I worked for the U.S. Treasury Department, I almost always began my public remarks with the nine most terrifying words in the English language, “I’m from the government and I’m here to help.” Americans always made light of those remarks from President Reagan in 1988, but when did civil servants stop serving the taxpayer and begin to embody that statement?

For all of my adult life I’ve worked in varying compliance roles with the government, in the private sector, back to the government and then ultimately back to the private sector. In all of that time I’ve faced the same question from multiple perspectives: “Just what are the regulators looking for?”

In my role at the Office of Foreign Assets Control (OFAC) I provided guidance and clarification to the financial services industry on how to best comply with OFAC regulations.

In Summer 2005, the five functional U.S. banking regulators (Federal Reserve, FDIC, OCC, OTS and NCUA) joined forces to release a landmark compliance document. The consolidated Federal Financial Institutions Examination Council (FFIEC) Examination Manual, the so-called “bible” of consolidated supervision guidance, was to serve as a critical piece of any institution’s compliance program as now the regulators were using one uniform examination practice. This document contained the key components of all AML compliance programs, something that previously differed from regulator to regulator.

Sounds great, right?

That wasn’t the entire story. As conversations with regulators continued, it became evident that the examination outline laid out in the manual was essentially the bare minimum that a company could do in order to pass an examination. Many compliance officers asked, “But, how could I not only pass, but excel in an examination?” The response typically given is consistent with what most government employees say, “I’m sorry, I can’t help you with that.”

Speaking from personal experience, when I was a compliance officer at OFAC, my department’s mission was that of guidance and clarification. That same team is now charged with “enforcement and case evaluation.” How, within just five years, can a mission so pure and helpful to American businesses change so harshly?

OFAC isn’t alone, as other regulators have seemingly changed their tone, now honing in on enforcement rather than assistance. As we’ve all seen, fines have grown exponentially in the compliance space over the past five years. We’re at the point now that a $1 billion penalty may not have the same impact that an $80 million fine had in 2005.

So back to my original point, why can’t regulators just share with us how we can run clean businesses? It seems relatively counterintuitive as we all try to ensure that our organizations are stable and are providing good product offerings. Why make the relationship more adversarial than is necessary? As I write this article I’m preparing my company to be examined by one state in the union who has given us conflicting requests for the upcoming examination.

And the cycle continues…

Tannebaum will address these questions and more at during his session, “How to Build an Effective AML/OFAC Compliance Program” at the 23rd Annual ACFE Fraud Conference & Exhibition in Orlando, June 17-22, 2012. Already have some thoughts? Share them in the comment box below.

ACFE Urges Incorporation of Anti-Fraud Components into GRC Program

LETTER FROM THE PRESIDENT, FRAUD MAGAZINE

James D. Ratley
ACFE President and CEO

Global fraud losses are estimated in the ACFE’s 2010 Report to the Nations at 5 percent of the world’s gross domestic product (GDP). In the United States, that comes to $700 billion. But in these days of a $14 trillion U.S. national debt, bad news denominated in billions no longer commands everyone’s attention. And that in itself is a serious problem.

Looked at another way, $700 billion is the combined GDP of, for example, Hungary, Kuwait, New Zealand, Nigeria and Peru. In other words, fraudsters are stealing from American businesses and individuals the equivalent of these five nations' entire economic output.

And because the 5 percent fraud ratio is based on the median of estimates by CFEs around the world, the “typical” nation suffers from this scourge more or less as much as America does. In fact, it was precisely because of fraud’s soaring global dimensions that the ACFE in 2010 broadened the scope of the Report to the Nations to present a comprehensive overview of fraud everywhere.

As always, the ACFE has been assessing the effectiveness of methodologies that can facilitate fraud prevention, detection and deterrence. Of particular interest to many members is the Governance, Risk Management and Compliance (GRC) approach, which aims to integrate organizational management, asset protection and regulatory adherence under one operational umbrella. Nearly two-fifths (38 percent) of ACFE members count GRC as one of their primary interests, and approximately 8 percent list GRC as their primary or secondary occupational specialty — the fourth-largest and fastest-growing segment of the ACFE membership.

Read the full Letter from the President here.