Planning: The Best Solution for Regulatory Exam Stress

Even if bank and fintech officers know when a regulatory exam is coming, many still do not feel sufficiently prepared as the exam date approaches. Having regulators dig through financial services organizations’ work can be a daunting and time-consuming experience. Further, the results of an exam could destabilize customer confidence or put a Bank Secrecy Act (BSA)/anti-money laundering (AML) officer’s job at risk.

While exams can be uncomfortable by nature, organizations can lessen anxieties by putting a proper plan in place and by setting appropriate expectations. Additionally, establishing a strategy well in advance can help manage preexam needs.

Financial crime teams should prepare several months in advance of each BSA/AML exam. Following is a helpful timeline for preparing for regulatory exams.

Six months ahead of an exam is the time when financial services organizations can identify what must be done and create a road map to address those matters.

Although regulators likely will not issue a request list until several weeks before the exam, organizations might still have open issues from a previous exam or tasks identified by internal audit. These issues don’t necessarily need to be closed immediately, but regulators likely will review them first.

It is important for organizations to determine how and when they should take necessary actions. First steps can include:

• Taking inventory of policies and procedures
• Creating a checklist of everything that must be enhanced, reviewed, and completed before regulators issue a request list
• Assigning tasks with priority levels and due dates to stakeholders
• Appointing a member of the BSA/AML team as project manager for the checklist
• Setting milestone expectations

Organizations should review the checklist weekly to assess progress. If any uncertainties exist about their ability to address an issue, contacting a third-party specialist for review assistance is better done now than closer to the exam date.

3 months before the regulatory exam: Execute the plan

Three months ahead of an exam, organizations should be closing issues and preparing team members to focus on the exam, including rebalancing workloads across team members to better enable exam success. The checklist of issues created three months prior should be about 80% finished.

Financial services organizations should consider:

• Documenting issues and evaluating issue remediation progress, including whether certain issues can be closed
• Creating remediation memos showing what actions were taken and why, including evidence
• Establishing a transition plan that highlights individuals on the financial crime team who can take on outside responsibilities so designated team members can focus on exam requests and preparations
• Preparing documentation that demonstrates accomplishments, enhancements, testing, and new procedures and controls

Reporting and documentation should accurately reflect the status of each work item. It is better to directly communicate and document the current state of the program, including any remediation items, rather than avoiding them.

1 month before the regulatory exam: Prepare the request list

Regulators will request information including documents, data, and responses in anticipation of an upcoming examination. At least one month in advance of an exam, organizations should identify a leader who is responsible for the request list and for organizing teams to fulfill it.

Obtaining request list items is not something that should wait until the last minute. Larger organizations might have an entire regulatory response team prepared to complete this effort, but smaller organizations might need external assistance.

When completing request lists and making final preparations, organizations can:

• Review every request item and verify it is addressed
• Communicate gaps in the request list to the team
• Evaluate completed requests for clarity and consistency
• Detail where requested items can be found in procedures and documents for examiners
• Add context to responses to assist examiners wherever needed
• Develop a kickoff presentation with the regulators detailing the work and enhancements that have been made since last exam

During and after the exam: Be available

Regulatory examiners are thorough and analytical, but they can experience the stresses of an examination just as financial crime teams do. Building a professional business relationship with examiners can be helpful for everyone. Being honest, available, prepared, and communicative will enable everyone to be successful.

Following a regulatory examination, organizations likely will have to address at least one issue. Proactively organizing a plan for addressing these issues – like the plan created six months before the exam – can be helpful.

If organizations have questions about issue remediation or are considering changes to their program or processes, an open line of communication with examiners can help get things right the first time and demonstrate a willingness to seek out and comply with guidance.