Background
In preparation for a federal regulatory request for a 90-day OFAC Compliance Review, a financial institution requested Wavestone to prepare for the arrival of the regulator-appointed Independent Consultant (‘IC’), provide ongoing tactical support during the IC’s review, and assist with designing and monitoring implementation plans resulting from the IC’s recommendations.
Challenges
Wavestone helped the client address the following challenges:
- Risk of Regulator-Mandated “Cease and Desist” – Some business activities faced a potential “cease and desist” mandate from regulators, necessitating a heightened level of sensitivity in project management and communication with the regulators
- Complex Data Requests – Unexpected regulator requests with short notice were a common occurrence and required tactful and timely information transmission, coordinated across regions with data privacy restrictions
- Regulatory Technology Installation – The IC required the installation of third-party transaction filtering technology as part of their mandated review. Due to the varying IT security restrictions in different regions, coordination for each location was difficult
Answers and Key Success Factors
Wavestone assisted the client in preparing for the 90-Day IC OFAC Compliance Review and ensured both a smooth review and post-assessment with the following key success factors:
- Developed and Implemented a governance framework for IC interaction to ensure efficient communication and tracking of 90-day review progress
- Managed a document repository and developed process controls to monitor the delivery of documents and responses to the IC from global stakeholders
- Designed customized roadmaps for each global location from which the IC required data and the installation of their third-party filtering technology
