Financial Update (July-Septemer 1997)
Fed Announces Sound Risk Management Guidelines for Private Banking Activities
he Federal Reserve Board of Governors recently released sound risk management guidelines for private banking activities such as personalized investment services. The guidelines are based on the findings of the New York Fed's comprehensive review of private banking activities at 40 domestic and foreign banking organizations in its District.
The review was initiated to enhance the Fed's understanding of private banking operations as the market for these activities — offering high net-worth customers sophisticated financial products such as options and swaps — has grown and become more profitable. Examiners focused principally on assessing each institution's ability to recognize and manage the potential reputational and legal risks that may be associated with inadequate knowledge and understanding of its clients' personal and business backgrounds, sources of wealth and uses of private banking accounts.
The new guidelines provide the basic controls banks need to minimize reputational and legal risks and to deter illicit activities such as money laundering. The guidelines include information on the essential elements associated with sound private banking activities:
The Fed is also distributing an updated manual for examination procedures relating to recent additions and changes to the Bank Secrecy Act as well as updated sections relating to anti-money-laundering initiatives. The Board of Governors is also developing a draft regulation to require banking organizations to establish "know your customer" policies and procedures. The results of the banking reviews will be incorporated into the proposed regulation.
- Management oversight. Senior management's active oversight of private banking activities and the creation of an appropriate corporate culture are crucial elements of a sound risk management and control environment.
- "Know your customer" policies and procedures. Banking organizations should obtain identification and basic background information on their clients, describe the clients' source of wealth and lines of business, request references, handle referrals and identify red flags and suspicious transactions.
- Risk management practices and monitoring systems. Banks should request and retain documents relating to their clients and perform due diligence, such as obtaining follow-up information where needed to verify or corroborate information provided by a customer or that customer's representative, particularly for accounts opened by financial advisers or through offshore facilities.
- Segregation of duties, compliance and audit. Banks need an effective system of oversight by senior officials and by board committees. Banks should also have guidelines pertaining to the segregation of duties to prevent unauthorized waiver of documentation requirements, poorly documented referrals and overlooked suspicious activities. Strong compliance and internal audit programs are essential.