A critical but sometimes overlooked topic in the virtual currency world is the Bank Secrecy Act (“BSA”) examination for registered money service businesses. Digital currency companies that meet the definition of an MSB must register and comply with the requirements of the BSA. This includes the implementation of an effective anti-money laundering (“AML”) program.
On February 12, 2015, an AML regulation panel on virtual currencies was held at the Foreign Affairs Cryptocurrency Forum at the Council on Foreign Relations. Among the participants was Jennifer Shasky Calvery, Director of the Financial Crimes Enforcement Network. During the panel discussion, Ms. Calvery emphasized the importance of registration and compliance with BSA for digital currency companies and informed the panel that the BSA examination team has already been trained on virtual currencies.
The BSA examination consists of five phases:
- Pre-planning
- On-site visit to the business and interview of appropriate personnel
- Examination of the AML program
- Examination of the books and records of the business
- Developing conclusions and finalizing the exam
The adequacy of the MSB’s AML compliance is the examination’s primary focus. The BSA examiner reviews the AML program, internal processes, and records to determine the adequacy of the AML program. To assess the effectiveness of the MSB’s AML program and its compliance with BSA regulatory requirements, the BSA examiner utilizes various risk-based examination procedures and techniques. Ms. Calvery reinforced the use of this “risk-based” approach during the panel discussion, and encouraged digital currency MSBs to likewise use this approach in determining the appropriateness of their AML programs, which should be designed to detect and deter money laundering and terrorist activities.
At a minimum, an AML program must contain the following:
- The development of internal policies, procedures, and controls;
- The designation of a compliance officer;
- An ongoing employee training program; and
- An independent audit function to test the AML compliance program.
The above should be done by taking into consideration your own risk assessment.
Are you ready for that exam? If not, now might be a good time to brush up on your AML.