Archive

OCC: BSA/ML Risk Assessment

ABA Contact: Rich Riese
Published: Federal Register December 9, 2005
Comments Due: January 9, 2006
Disposition: Filed

Summary

On December 9, 2005 OCC published in the Federal Register a notice that it has sent the Money Laundering Risk Assessment information collection to OMB for review and approval.  This creates another opportunity for you to comment.  Comments are due January 9, 2006.

As recited by the Supporting Statement to the BSA/AML Risk Assessment information collection (OMB Control No. 1557-0231), OCC has created the MLR System "to assist national bank examiners in measuring levels of risk in individual banks [and to] provide a more thorough and systematic method for examiners to assess a bank's risk profile, to determine examination scopes, and areas where expanded procedures and transaction testing may be needed.

OCC officials believe that collecting this information will also enable the agency to better assign examination resources among national banks based on risk.

The RSF consists of nine pages requiring numerical information on specific products and customer types, including number of retail transactions, dollars of retail transactions, number of accounts and outstanding balances. The data will be collected for each bank every 12 months. Community and mid-size banks will use the RSF, whereas the resident examiners of the 25 largest national banks are expected to have access to the same data from their assigned institutions.

Going forward ABA will be watching for answers to the following questions and asking for your experience with the MLR System:

  • Will OCC accept (without adverse criticism) bank risk assessments not predicated on the MLR System data or format?
  • Will OCC examiners differentiate among risk levels within product/customer groupings?  E.g., According to the April 2005 Interagency Interpretive Guidance on MSBs, not all check cashers or money transmitters are high risk—yet the RSF makes no reporting distinction.
  • What will examiners require to "verify" bank estimated responses? What level of accuracy will be enforced? What will be the quality of information in the OCC database when it is an aggregation of actual data and estimated data from different reporting banks?
  • In the absence of data that distinguishes the relative risk of products or customers within particular categories, how will OCC describe risk levels based on aggregate data? Will OCC use the aggregate data internally, on an interagency basis, or in reports to Congress or other oversight bodies as a measure of industry BSA risk trends without distinguishing among risk levels within reported product/customer categories?
  • Will OCC generate peer group reports from the database, and if so, how will they be used by policy makers versus examiners?
  • Will the other agencies adopt data collection of the same or similar type, or does the OCC's action represent a break from consistent Interagency exam procedures?

ABA is interested in your experience and encourages you to provide feedback on the MLR System and its impact on your OCC examination using our BSA Exam Questionnaire.

At this point, no other agency requires this or any comparable data submission in connection with the Exam Manual or its oversight of BSA compliance. Although some discussion is occurring within those agencies about having a data submission requirement covering BSA, word from the Federal Reserve is that they have no current intentions to adopt such a mandatory risk data collection process or risk assessment form.

Supporting Documents

Supporting Statement and other Paperwork Burden background.
MLR System User Guide (BSA category).

2006 Regulations Chart
Federal Register
ABA Comment Letter