ACAMS Today had the opportunity to speak with Anna McDonald Rentschler about her AML experience and what compliance professionals will be facing in 2014.Rentschler is vice president and BSA officer for Central Bancompany, Jefferson City Missouri, a $10 billion holding company in Missouri and Oklahoma with branches in Kansas and Illinois. She has been affiliated with Central Bancompany for 31 years. The Financial Investigations Unit encompasses the BSA/AML function and the Regulation E-dispute divisions. The BSA/AML FIU encompasses enterprise-wide consolidation of the necessary BSA/AML functions for all 13 affiliate banks. Rentschler was the 2008 recipient of the ABA Distinguished Service Award.

ACAMS Today: First of all congratulations on being appointed to the ACAMS advisory board. What are you most looking forward to contributing as an advisory board member?

Anna M. Rentschler: The small to mid-sized bank perspective and their needs will be my key focus. We have banks that range in size from $150 million to $2 billion aggregating $10 billion and growing. As we have an enterprise BSA/AML approach, we oversee both small and large banks — with an eye on the requirements that all financial institutions have to face. Just because we are smaller does not make the banks less of a target for illicit behavior.

AT: How did you first get involved in the compliance field?

AR: I have been in the compliance field since I was an examiner with the OCC. I was one of the first compliance examiners running around the Midwest checking on the alphabet regulations. BSA was just a blip on the radar screen at that time — boy has it grown!

AT: With your vast experience in compliance, what advice do you have for compliance professionals on how to stay one-step ahead of the next money laundering scheme?

AR: Just because you are smaller does not mean that you should not pay attention to the overall requirements of those financial institutions that are much larger than we. I read all of the civil money penalties etc. from cover to cover and I also try to learn what we need to do to make sure that we do not have the same issues in our banks. The requirements are then risk-sized to our needs — but, I have learned quite a bit as to where our process should be now and in the future. My advice: Read everything you can with regard to BSA/AML and stay in touch with peer banks of all sizes.

AT: Can you share three important lessons you have learned during your compliance career?

AR: Three lessons… hard to summarize but, here goes.

• First —Stay on top of BSA and compliance. Read everything you can and see how it applies to your financial institution from the largest to the smallest — it will have an impact on your banks! Stay one-step ahead whenever you can! I stay in touch with law enforcement and find out what they are seeing in our areas—they are an excellent source of information.
• Second —Document, document, document! Every step of the way, document your processes, keep your board of directors and senior management in the loop, (for sure document that) and keep everything up-to-date. The same old policies and processes are not going to work for you next year, maybe not next month – keep them updated.
• Third —Everything falls under the risk-based umbrella. Stay involved in the new and old products and services, the changes in how each are accessed and what the 'bad guys' are doing to take advantage of your products and services weaknesses. The Risk Assessment process is an ongoing requirement — not just a check-box anymore!

AT: What main challenges will financial crime prevention professionals face in 2014?

AR: 2014 presents a lot of the changes and challenges as I discussed before — new products and services mean we have to stay atop of BSA/AML issues. BSA/AML needs and requirements are constantly increasing, examiners are demanding that we do more and we still have to work for our banks that must generate a profit to be viable for our owners or shareholders. It is a precarious balance to be 'BSA/AML centric,' meet the needs of our customers and that of senior management and boards of all of our banks.

AT: What aspects of your job keep you passionate?

AR: My personal passion is Human Trafficking —this atrocity has grown in all size cities, small and large, and is a reality that we all, as human beings, must stop! It is truly hard to see and recognize in a transactional world — we need to tweak our systems to help stop this horrific crime; but, educating all bank personnel and the public as to what to look for and be cognizant of in order to keep this and other illicit crime out of our banks.

AT: For the second half of the interview I wanted to discuss in more depth your passion for Human Trafficking prevention and also touch a little bit on risk assessment. How should a financial institution train its employees to recognize funds coming from human trafficking?

AR: The first piece would be training. When a handler comes in with a potential HT victim, we want our customer service representatives (CSR) to be able to recognize that something is not right. Similar to our training on elder abuse, we need to train our customer representatives to recognize if a person comes in with someone that does not allow them to talk, controls the discussion or the identification of the person—we in BSA want to know about it. We refer to these types of people as handlers or controllers. We have an internal incident form that we provide to all employees through our CentraNet access that they can fill out if they recognize that something is not right (not just HT – but any unusual activity). The incident report is received by three different people within seconds of being sent. Once we receive the form from the CSR, we begin monitoring the account more closely. Another thing we do on the back end when monitoring these accounts is look for anomalies in the cash that may be coming in. Large amounts of cash might not come in all at once, sometimes the cash can come in every other day, but if it is a large amount of cash over time that you do not anticipate from that person you are monitoring or if it is coming from an unknown source or an improbable source, we will look into it. What we mainly look at is cash type issues, but every now and then we will see funds for human trafficking routed through the debit or credit card systems and we take a closer look at those funds. Much like the ACAMS Today article that was published in June 2013 stated, sometimes the first transaction for example at a massage parlor is for an actual massage; however, the second charge is for human trafficking activity.

If we see multiple charges, we will extend our monitoring from 90 days to six months to see if these types of charges had been occurring in the past. We follow the flow of money wherever we can. Human trafficking is difficult because it is not a set period of time like structuring. In our procedures, we have key words that we will put into our automated environment. If I come across an article or other news with other information of human trafficking occurring in our neck of the woods, I will add those key words to the system. Key words are critical when they come through our system, but overall, training is the first step that is needed.

AT: What types of training should a financial institution implement or how can a financial institution tweak their systems to help stop HT?

AR: Training is key. Keep your employees apprised of the local news. For example, today I read an FBI report of a local woman who plead guilty to sex trafficking in this area— I passed it on to those that should be aware of the issue and the area in which it happened. It can and does happen in small towns. It is important to send this information around to employees because I want to make sure our bank's BSA officer checks to make sure that this person is not a customer. A lot of times when we fill out the SAR, we will not know for several months if law enforcement (LE) is doing anything with the SAR that was filed, but usually when you fill out a SAR for human trafficking you do hear from LE quickly because this type of crime tends to raise red flags. We usually find out months after we have filed a SAR if LE has followed the lead and stopped a criminal.

AT: Where do your employees go to receive their training?

AR: Most of the training is in-house and online through our CentraNet and we also have internal face-to-face training for the front-line personnel. In addition, we have an internal newsletter that goes out monthly where we cover training on human trafficking and other compliance issues as well. Also, we have different BSA officers at different charters that conduct training at their banks.

AT: You work in a small to mid-sized bank, how many cases of HT have you thwarted at your bank?

AR: I would like to say that the Midwest is on the law enforcement radar screen for human trafficking and labor trafficking. Some of the larger cases have been in the Midwest. With regard to labor trafficking, one of the larger labor trafficking cases ended in Kansas City, Missouri involving contract work for hotels. A lot of the employees that were victimized were contracted for labor trafficking. The case was called Giant Labor Solutions and the handlers were from Uzbekistan. This case involved a network of 17 handlers who brought people over legally with work visas and then the handlers took the workers work visas so that these workers eventually became illegal in this country. While victims in the area, they were forced to work long hours and live in deplorable conditions. The workers feared that if they ran away they would be sent to jail because they were now illegal in the country. Eventually this ring of illegal trafficking was brought down by law enforcement and the victims were able to return back to their families.

AT: Has your bank dealt with HT cases that have directly affected your bank and what are the local HT initiatives you have in your community?

AR: My bank has referred local cases at truck stops to law enforcement. We filed SARs, but haven't heard directly from LE what has come from those cases. I am an advisory board member of the Human Trafficking Coalition out of Columbia, Missouri. There are many human trafficking coalitions located throughout the United States. This local coalition is mostly knowledge based. This coalition allows us to share the knowledge we have with LE and work together to stop human trafficking. Another active group based out of University of Missouri is Stop Human Trafficking. The volunteers from these coalitions go out into the community and train alongside LE to attempt to thwart human trafficking. The important thing is to go out and tell the human trafficking stories, make the public understand that human trafficking is active in our markets and have members in the community pull out their cell phones and save the number for the human trafficking hotline: 1-888-3737-888. This small step empowers the public so if they ever see or are suspicious of any human trafficking going on around their neighborhood, they will know how to report it. The coalition raised funds to be able to post the human trafficking number on a billboard on I-70 across Missouri. This billboard is where all can see it and know where to call in case they encounter human trafficking.

In addition to the coalitions, Columbia, Missouri Human Trafficking Coalition is having a fashion show titled: Freedom by Fashion where all the clothes are done by businesses that have a trafficking free work force.

AT: Why is risk assessment important and what recommendations do you have on how to build a successful risk assessment program?

AR: Your bank's risk assessment should drive what product and services you will offer your customers. They should go hand-in-hand. Knowing your high-risk products and services, as well as your low-risk products and services, tells you where you should be spending your time and what you should do. Not only do you need a good knowledge of who your customers are (KYC/CIP) but, you tie that in with the geographical piece and you can find out where your customers are and if there are any customers outside your area that you need to pay attention to. Another thing that is important in the risk assessment process is looking at the number and types of SARs that are being filed within your area. Three key pieces of a risk assessment are products, services and customers. They need to flow upward so you need to know what you need to pay attention to and dedicate resources accordingly. Paying attention to everything equally is not going to give you what you need. You should be paying more attention to your higher risk scenarios and then spending less time on lower risk scenarios.

In addition to your geographical, customer, product and services risk, we also look at our higher risk products and services. For example, our regulators are letting us know that prepaid card services, private ATMs, third party payment processors, and MSBs are the higher risk scenarios we should be looking into, per regulator emphasis. We use a statistical program that allows us to look at anomalies that may be high risk.

Finally, your risk assessment has to drive your process. Do not forget to keep your board of directors and senior management involved. I do a quarterly newsletter that is given to the board of directors and one of the things that I cover in that newsletter is a risk assessment summary and the emphasis it needs. As stated previously, another important part of the risk assessment world is to do a SAR analysis. You need to know what type of SARs your institution is filing. This knowledge, plus looking at the FinCEN data for your area in comparison is critical. And finally, make sure that BSA has a 'seat at the table' in meetings whenever possible, or a representative, to know about the high-risk services your company is considering.

AT: What steps should a small- to mid-sized bank do to have a successful compliance program?

AR: As mentioned before, our banks range from $150 million to $2 billion. So, we range from small town America to larger cities in the Midwest. In smaller banks, there is an advantage and a disadvantage. The advantage is that smaller banks in smaller towns generally know their customers well. If someone new comes to the bank, all the employees are asked is if they know this person — and we generally get the scoop on the new person — or a red flag may be raised. In a small town, you know everyone's business; however, in smaller banks KYC is critical and does need to be documented. Many larger towns do not have this benefit and have to rely on set processes to make sure appropriate steps are in place. Another important point is to discuss different issues that may arise with the bank's BSA committee. Regardless if the bank is small or large, if something unusual happens fill out an incident report and tell somebody quickly so that it can be taken care of — or at the very least monitored. Another critical piece is talking to local law enforcement. LE will tell you what is going on in the area and they will come into your bank and do training for your staff. In smaller banks where the budget is tight, having LE come and do the training is an excellent source. If you are a member of a banking association or ACAMS, pay attention to what is going on, read their publications, listen to webinars. It is important to know what is going on throughout the country in order to combat financial crime in your area.

AT: Any advice you would like to share with the membership?

AR: Read everything and listen to everything you can. Also read in between the lines. Even though you might read something that does not pertain directly to your organization, you might be able to tweak your process if you know what LE is looking for and you may see some trends of which you were not aware.

Visit ACAMS.org to read the Anna M. Rentschler, ACAMS advisory board press release.

Interviewed by: Karla Monterrosa-Yancey, CAMS, editor-in-chief, ACAMS, Miami, FL, USA, editor@acams.org.