- An Office of the Comptroller of the Currency (“OCC”) consent order led to a financial services customer contacting FTI Consulting to help improve and correct their Bank Secrecy Act/Anti-Money Laundering (“BSA/AML”) program. Our specialists helped the bank grow from a start-up to a more established organization via seven workstreams after it was regulated as the first of its type in the crypto-native business.
- Our Role: Using OCC Risk Management, FTI Consulting carried out an impartial model validation of the bank’s automated transaction monitoring system, TRM Labs. Based on our testing, an assessment of conceptual soundness, continuous monitoring, and outcomes analysis, we gave the customer a final model validation assessment report that included our methodology, observations, and suggestions.
Advice on Third-Party Risk Management Program:
- FTI Consulting helped the bank with its TPRM program by carrying out a current state assessment and utilizing the findings to guide the improvement of the program design through governance, inventory management, active management procedures, onboarding procedures, vendor selection, and support from subject-matter experts.
Customer Risk Rating:
FTI Consulting was enlisted to carry out a two-phase engagement, first analyzing the AML CRR tool’s existing status and then making improvements to it. In order to assure compliance with regulatory advice, the evaluation included conducting interviews with key stakeholders, comprehending the company and associated risks, and reviewing policies and procedures. The bank received a more effective AML CRR tool from FTI Consulting that included the risk factor suggestions made by the team. FTI Consulting also supplied revised and improved audit log documentation, process, and methodology.
Cybersecurity Program Assessment:
- Using industry best practices and frameworks, FTI Consulting conducted an independent evaluation of the bank’s cybersecurity program, including its security architecture, policies, and processes. The customer got a final assessment report that included our methodology, quantitative and qualitative results, and suggestions based on the data and documents received as well as the conducted interviews. FTI Consulting evaluated the bank’s exposure to the dark web and digital footprint in order to provide useful advice on any weak points.
- KYC Uplift: The bank hired the team from FTI Consulting to help improve its Know Your Customer (“KYC”) procedures for over 400 high- and medium-risk clients. To do this, it was necessary to update policies and processes, make use of an advanced AML CRR tool, gather any missing data, and confirm the paperwork for the Customer Identification Program (CIP), Customer Due Diligence (CDD), and Enhanced Due Diligence (EDD).
- Support for Compliance Testing Resources: FTI Consulting supported the bank by carrying out a second line of defense control testing for the bank’s IT security controls, including endpoint security, resiliency, cyber, threat, and incident management as well as asset and configuration management and Hardware Security Modules (or “HSM”) operations. Work papers verifying the fieldwork were generated by FTI Consulting, along with summary reports detailing the findings, problems found, and suggested corrective actions.
Source:
fticonsulting
