The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) became law on March 27, 2020. This $2 trillion stimulus package—the third of what will likely be several such funding and stimulus packages designed to combat the effects of the COVID-19 pandemic—is currently being distributed through a variety of state and local mechanisms, including two lending programs of importance to participating financial institutions. Under the CARES Act, the Paycheck Protection Program (PPP) authorizes up to $350 billion in lending to small businesses meeting certain eligibility requirements administered by the Small Business Administration (SBA). The CARES Act also authorizes the U.S. Department of the Treasury to make up to $500 billion in loans, loan guarantees, and other investments in support of certain businesses, states, and municipalities. The SBA, in consultation with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), has been issuing FAQs regarding implementation of the PPP, and FinCEN has issued additional guidance alerting financial institutions to disaster-related fraud and other potential illicit conduct associated with COVID-19. Financial regulators at the federal and state levels anticipate that all financial institutions will continue to take a risk-based approach to meeting their Bank Secrecy Act/ anti-money laundering (BSA/AML) regulatory requirements, which will mean the need for increased compliance capacity and capabilities.
With expectations high for the potential for money laundering, fraud, cyber, and other compliance risks in connection with the application for and disbursement of stimulus and relief funding, banks and financial institution lenders need to remain vigilant, while meeting the challenge of disbursing funds as quickly as possible. This will require participating banks and financial institutions to balance their respective BSA/AML obligations—including customer due diligence (CDD) and associated beneficial ownership identification and verification requirements—with the need to expeditiously get money into the hands of qualifying businesses and individuals. In addition, the requirement to detect and prevent illicit financing, fraud, cyber crime, money laundering, and other financial crimes against lenders remains a priority.
K2 Intelligence Financial Integrity Network’s (K2-FIN) professionals have extensive experience in the development, implementation, testing, and oversight of regulatory compliance systems and financial crime governance frameworks for federally insured depository institutions, credit unions, fintechs, and governmental entities.
How We Assist
One of K2-FIN’s principal strengths is our investment in and use of technology. Utilizing our in-house innovation lab, AgileTechnologies, we have developed a series of financial crimes compliance capabilities that allow us to assist our clients with the facilitation of BSA/AML compliance remotely, including the ability to collect, process, investigate, and decision customer onboarding, screening, and transaction monitoring remotely.
Compliance and Governance
K2-FIN works with financial institution clients to ensure they have the proper governance, controls, and compliance frameworks in place to mitigate the regulatory risks of managing stimulus and relief disbursements. Our work includes developing and reviewing all facets of a compliance framework to address stimulus and relief funding eligibility requirements and distribution-related illicit financing risks—including evaluating and modifying BSA/AML policies and procedures, tailoring CDD and suspicious activity reporting processes, and complying with Office of Foreign Assets Control (OFAC) sanctions and state regulatory requirements, such as those of the New York State Department of Financial Services (NYDFS). In addition, our teams can assess the efficacy of fraud prevention, cybersecurity, and governance frameworks, identifying control weaknesses and making recommendations to enhance effectiveness and gain efficiencies through sound application of a risk-based approach.
Know Your Customer (KYC)
K2-FIN helps leading financial institutions, investment funds, and governments with the management of risks related to customer onboarding, due diligence, and account updating processes. Our team can design, assess, strengthen, and implement KYC policies and procedures in accordance with global standards and U.S.- and state-based laws and regulations—including with respect to customer identification and verification programs (CIP), the CDD Rule and related beneficial ownership requirements, specific and enhanced due diligence (EDD) programs, and OFAC sanctions screening. Our efforts include the collection and validation of customer data supplied as part of a financial institution’s KYC programs, investigation into beneficial ownership, verification of customer risk rating, and the identification of opportunities for enhancements to customer risk profiles. In connection with the evaluation of customer risk profiles, K2-FIN reviews and assesses transactional activity to identify and document potential money laundering and other financial crime typologies, including fraud and other indicia of unusual or suspicious activity to effectively counter risks associated with stimulus and relief fund disbursements.
Transaction Monitoring Services
K2-FIN’s Financial Crimes Risk and Compliance professionals have diverse consulting and in-house experience to meet the challenges that banks and financial services firms will face in developing and maintaining a fully compliant transaction monitoring program in light of the additional requirements and volume created by the stimulus and relief funding and loans disbursements. We work closely with clients facing temporary transaction monitoring staff shortages by providing professionals with relevant experience to assist with alert backlogs and overall maintenance of business as usual (BAU) volumes. In support of clients’ technology needs, K2-FIN calibrates and tests their transaction monitoring systems to ensure compliance with evolving requirements and risk profiles. Our transaction monitoring services are available remotely, and our in- house systems are capable of connecting to our client’s existing technologies. Lastly, our professionals have broad experience in helping financial institutions comply with regulatory consent orders involving historical transaction reviews.
Outsourced Managed Services
K2-FIN’s outsourced managed services capabilities incorporate an end-to-end BSA/AML compliance solution, allowing financial institutions participating in the CARES Act to manage the risks that come from a sudden increase in demand on existing compliance systems and personnel without the need for K2-FIN to be onsite. Our offering integrates anti-fraud, AML, and sanctions functions with leading process management systems and business intelligence tools for risk-based onboarding, CDD, and transaction clearing. Located in the United States and staffed with seasoned professionals, we provide institutions with a short ramp-up and integration time remotely, relying on our use of remote technology and secure networking. K2-FIN’s managed services solution can support existing BSA/AML and sanctions compliance programs in a variety of ways, including through customer screening and onboarding, periodic KYC reviews, risk- based CDD, EDD and investigative support, and KYC remediation. Our transaction monitoring systems and alert management processes utilize continually updated, state-of-the-art technology combined with our veteran team of analysts to identify and investigate potential suspicious activity. Lastly, our transparent and efficient workflow and case management infrastructure enable rapid reporting and provide near-immediate insight into stimulus and relief fund disbursement risks and related compliance controls.
Regulators are increasingly expanding the use of appointed independent monitors to assess, oversee, and monitor financial institution and corporate compliance with relevant laws and regulatory actions—particularly for banks and financial institutions with regulatory enforcement actions or deferred prosecutions by law enforcement. K2-FIN has a broad range of experience serving as an independent monitor for banks and other financial institutions, and as a monitor or compliance officer for investors, strategic acquirers, and sellers pursuant to the Committee on Foreign Investment in the United States (CFIUS) mitigation agreements and orders. Our monitors, brought in as part of a government settlement agreement, have the expertise to tackle a broad range of financial crimes and national security and trade compliance issues, including compliance with AML, BSA, and OFAC; antibribery and anti-corruption; and compliance with foreign investment review regimes, export controls, and other trade-related national security matters. K2-FIN helps those firms subject to enforcement actions comply with settlement terms and, on an ongoing basis, assess compliance programs and internal controls to address, help remediate, and avoid future problems.