Connect ► twitter| youtube|  Log In ► Members Only  |  Corporate One Safekeeping  |  Search

BSA/AML Hot topics: Revolutionizing regulatory compliance with RegTech

By Naomi Glass, BSA/AML Compliance Manager

BSA Officers have many roles and responsibilities. Not only are they responsible for implementing regulatory changes, but now they are also expected to become tech savvy in the process. This added responsibly is due to regulatory technology, or “RegTech,” which is the management of regulatory processes in the financial industry through technology. This new movement is revolutionizing the way financial institutions comply with BSA/AML regulations and detect and report money laundering.


BSA Latest Information, Regulatory Update and Examiner Focus compliance webinar

Get up to speed on the most current industry news and information in just one hour.

Thursday, October 31
2:00 p.m. - 3:00 p.m. ET



The fundamental question BSA Officers now need to consider is whether implementing RegTech into their BSA/AML programs is right for their credit unions. This article will examine several factors to consider before embarking on this new technological frontier.

RegTech companies provide technologically advanced solutions within the AML space. These companies offer solutions for various BSA/AML compliance functions, including transaction monitoring, sanctions screening, CDD/onboarding, EDD of high-risk members, and many others. Newer product offerings are so cutting edge they even incorporate artificial intelligence (known as “machine learning”) into their automatized processes.

The benefits of using RegTech for BSA/AML functions have not gone unnoticed by regulatory agencies. A December 2018 joint statement issued by the Financial Crimes Enforcement Network (FinCEN), the NCUA, and other federal banking agencies encourages credit unions and banks “to consider, evaluate, and, where appropriate, responsibly implement innovative approaches in this area.”

Evaluating your credit union’s need for RegTech

It might be tempting to want to automate BSA/AML functions using RegTech, especially if your existing processes are primarily manual, but before signing on the dotted line, truly assess your credit union’s need for new or enhanced BSA/AML technology.

First, your evaluation should consider the magnitude of your credit union (i.e. size, membership types, products/services) and leverage your most recent risk-assessment of your BSA/AML program. Other factors to consider are prior exam or audit findings, regulatory expectations, and industry-wide best practices. It is essential that you select a RegTech solution that ultimately aligns with your credit union’s risk-based approach to BSA/AML compliance and overall governance model.

Next, determine what is the specific problem you are trying to solve. Are you looking to reduce false positives? Reduce costs? Increase efficiency? Look internally at the problems you want to solve, then talk to RegTech vendors. Don’t let the vendors dictate these problems to you. Also, be wary of sales pitches that sound too good to be true (as they probably are).

Once you begin to narrow down the field of suitable vendors, be sure to vet them. The key here is to perform your due diligence up front. Ask relevant questions about the software (including what its limitations are), review the terms and conditions specified in the software agreement (identifying any potential red flags), and analyze different fee structures (i.e. upfront costs versus total costs). Make sure you identify a vendor that has expertise in the compliance function you are seeking to automate.

Considering your existing systems

One of the most important things to evaluate is whether the vendor has the capacity to integrate its software platform with your credit union’s existing legacy systems. RegTech is data-driven and uses algorithms to synthesize information. For software to be effective, it must be fed with data from a credit union’s core system that is correct, complete, and consistent. Many credit unions do not have this type of clean data and will need to come up with a process for removing or modifying data that is incorrect, incomplete, irrelevant, duplicated, or improperly formatted. Failing to do so will ultimately result in garbage in, garbage out. You will also need to think about other technical considerations. Will the software be housed within the cloud or on your servers? Will there be enough storage space? And do you have the budget to absorb any unexpected IT costs?

In conclusion, integrating RegTech into a credit union’s BSA/AML program could be a gamechanger in terms of enhancing the detection and reporting of suspicious activity and more effectively meeting regulatory expectations. On the other hand, it could be a nightmare if you don’t have a clear vision of what you need the software to do from the start, you hire a vendor with a lack of knowledge or expertise, or you don’t have clean data or IT resources to make the product work effectively.