Complying with Bank Secrecy Act/Anti-Money Laundering (BSA/AML) regulations is a major challenge for financial institutions. Those found with deficient practices are subject to receive a Matter Requiring Attention (MRA) notification. The Office of the Comptroller of the Currency (OCC) states, “MRAs communicate specific supervisory concerns identified during examinations in writing to boards and management teams of regulated institutions. MRAs must receive timely and effective corrective action by bank management and follow-up by OCC examiners.”
This combined requirement of timeliness and proof of effectiveness makes delivering an acceptable response particularly challenging. Unfortunately, MRAs are not uncommon. The article Get to Know the “5 Cs” — BSA Matters Requiring Attention notes, “Most banks receive some sort of finding or ‘Matter Requiring Attention’ (MRA) or ‘Matter Requiring Immediate Attention’ (MRIA) regarding their BSA Program during a BSA exam.” Given the likelihood of receiving an MRA, and the burden associated with the response, developing a robust process to handle them is essential.
This post will examine how the right Enterprise Risk Management (ERM) system is uniquely suited to not only help efficiently and effectively respond to the challenges associated with MRAs, but also (when properly configured) help minimize them.
To understand how this is possible it is useful to “learn from the mistakes of others.”