Even if your business is too small for a Board of Directors or Compliance Officer, certain requirements must be met.
In financial institutions, including cryptocurrency money services businesses, the BSA Compliance Officer is in charge of enforcing AML policies and procedures while a Board of Directors is ultimately responsible for the institution’s overall AML compliance.
If you’re a “solopreneur” running a single bitcoin ATM, or a small business with one or two partners, you might be wondering who is supposed to serve in these roles.
After all, a Compliance Officer is a compliance requirement, and the Board serves an essential role as well. Shouldn’t every business make sure these roles are filled, regardless of size?
We get a lot of questions along these lines. “It’s just me and one employee. Do I need a Board of Directors? Who is my Compliance Officer?”
These guidelines can be tricky to follow for smaller businesses. In this article, we’ll cover what is required and when.
Requirements you must meet
Every business in the cryptocurrency space that is considered a money services business (MSB) money transmitter is required by law to design and implement an AML program and associated procedures and policies.
The pillars of BSA/AML compliance are a helpful framework designed to help businesses create policies that help them meet their regulatory compliance obligations.
The pillars of BSA/AML compliance are:
- Designating a BSA Compliance Officer
- Establish internal controls to maintain compliance
- Perform independent testing of policies and procedures
- Train employees in AML compliance
- Determine beneficial owners of legal entities
You’ll notice that the appointment of a BSA Compliance Officer is among these pillars, though the designation of a Board is not. Does that mean a Board is optional?
Not quite. The Board serves many key roles in institutional compliance, including:
- Approval of the written AML program and associated policies and procedures
- Appointment of the BSA Compliance Officer
- Taking responsibility for the efficacy of the institution’s BSA/AML program
- Promote a culture of compliance
- Overseeing corrective measures in response to required independent AML audits
Though there’s no black-and-white rule that requires companies to have a Board of Directors, someone or something has to juggle these responsibilities and provide ultimate accountability for the institution’s compliance.
Who or what else would do that but a Board?
This is why there’s such confusion among smaller businesses. If a Board is an implied requirement, and a BSA Compliance Officer is a pillar of BSA/AML Compliance, does this mean that every operation, regardless of size, needs to hire at least one employee (the Compliance Officer) and appoint a Board of Directors?
It seems far-fetched for some entrepreneurs, especially those just starting out, or those with a few partners, none of whom have a background in financial compliance.
But to operate legally and in compliance, you have to figure out some way of meeting these obligations.
When will you need a BSA Compliance Officer?
If you’re running a business in the cryptocurrency space, then you need a BSA Compliance Officer from day one of operations.
This is not a role that your business can “grow into,” so to speak. Someone must be designated to take on these responsibilities before you ever open your doors for business. If you’re the sole owner and member of your company, it’s you.
The good news is that there’s no “resume” criteria for a BSA Compliance Officer.
If you have limited to no experience in financial compliance, it’s not like you need to put your entrepreneurial dreams on hold to seek a Bachelor’s Degree in Criminal Justice and then an internship or position in compliance at another financial institution first.
All that regulators expect is a person in the role dedicated to performing day-to-day compliance activities.
Obviously it’s preferable to have someone with knowledge of compliance or a similar set of experiences, and it’s not like “BSA Compliance Officer” is a name-only designation. There are roles that must be performed, and if nobody is at the wheel, that spells danger for your business.
But the larger point is that it’s not uncommon for a founder of a business to serve in this role, at least initially.
The learning curve might be steep at first, and indeed, regulators expect AML compliance training to be “ongoing” and “targeted.”
Because financial criminals are always changing their methods, and because financial regulations can often change without much (if any) notice, the BSA Compliance Officer’s education is an ongoing one.
This means that even if you are a solopreneur and comprise a single-person entity, you must still engage in continuous training to keep your skills and compliance acumen sharp.
When will you need a Board of Directors?
Some business owners have told us that they don’t have a Board because it wouldn’t be necessary given their existing operations or structure.
We couldn’t disagree more.
While it may seem unnecessary or overly ambitious to use the term “Board” for a small business of 2-3 co-founders, or even a sole founder/employee operation, you should establish the structure at the very beginning in order to maintain consistency as your business grows.
You will eventually hire employees, so creating a structure that separates compliance from sales and business development to avoid conflicts of interest, and establishing clear roles and responsibilities are not things you want to tack onto the ship while it’s at sea.
Having a Board meeting with yourself might sound silly at first, but will help you get into the habit of setting time aside to think through your institution’s compliance policies and responsibilities, determine whether or not you are meeting them, and exploring areas for improvement as you grow your business.
Also, even if you’re on the smaller side, you can create a Board of Directors comprised of advisors and connections in the industry. It’s always good to have a team to bounce ideas off of, especially during early stages of growth.
Lastly, document everything.
Key takeaways for business owners
Though being your own Board of Directors and BSA Compliance Officer sounds strange, the reality is that each has mission-critical responsibilities that need to be managed from day one of operations.
You also want to prepare your compliance to scale, and create roles, responsibilities, policies, and procedures with growth in mind so that you’re not constantly going back to the blackboard to reconfigure your organizational structure.
Believe us, keeping up with changes to compliance is a big enough job on its own.
If you have any questions about bitcoin compliance or other compliance requirements, you can contact us here.
If you are a sole business owner or small team looking for AML software to help you with some of your regulatory compliance obligations, you can try a demo of BitAML’s compliance platform ComplyFit here.