This is a transcript of the podcast episode Karen Brown on “know your customer” compliance in correspondent banking between GRIP’s US Content Manager Julie DiMauro, and Karen Brown, Head of KYC Compliance at a New York City-based correspondent bank.
[INTRO]
Julie DiMauro: Greetings, everyone, and welcome to a Global Relay Intelligence and Practice, or GRIP, podcast. I’m Julie DiMauro, the US Content Manager for GRIP, talking to you from New York City.
GRIP is a service that features a daily website of articles on a variety of compliance and regulatory topics, plus podcasts and other deep dives into compliance trends and best practices. You can find the service at www.GRIP.globalrelay.com, and we hope you’ll connect with GRIP on LinkedIn.
I’m so pleased to announce that today’s podcast session features Karen Brown, head of Know-Your-Customer (KYC) Compliance at a correspondent bank located here in New York City. I’m going to ask Karen to please introduce herself and describe her background before we kick off the program. Over to you, Karen.
Karen Brown: Thank you, Julie. Firstly, thank you so much for having me on your podcast today. I am humbled to be here. As Julie mentioned, my name is Karen Brown. I am the head of KYC at a correspondent bank located here in Midtown New York. I have been in the compliance space for 20-plus years.
And with that, I’ve had a history of dealing with investment banks, financial institutions, and of course, adding value where there are onboarding spaces, where there are KYC spaces, which is where I’m currently sitting now. I even was in the head of quality assurance overseas for another financial institution.
So that has led me to where I am now, and it’s been a wonderful experience just going through this journey of compliance. It’s an ever-evolving space, and so there’s so much to learn. And even as the head of compliance, I’m constantly learning new and better ways to handle situations in our day-to-day practice.
Julie DiMauro: Absolutely. Thanks so much, Karen. Now, I want to take a deeper dive into your work. You’re doing a lot of work in the anti-money-laundering space, obviously. And how does that differ in 2025 from prior years, if it does? And how do you ensure that you have the resources to meet new expectations?
Karen Brown: That’s a great question, Julie. Thank you for asking. So I think one of the biggest shifts in 2025 has been the acceleration of regulatory expectations, especially around automation, beneficial ownership, transparency, and ESG-related risks. So ESG, for those who are not aware, stands for environmental, social, and governance. And in the financial service sector, it’s become a critical lens through which we assess not just compliance, but long-term sustainability and ethical exposure.
So for example, institutions are now expected to determine whether a customer has ties to industries with high carbon output, labor exploitation, or weak corporate governance. Let me go a little bit deeper into that. So high carbon output refers to the businesses or sectors like fossil fuel extraction, heavy manufacturing, or large-scale agriculture that generates significant greenhouse gas emissions. These entities are increasingly viewed as high risk from both an environmental and financial crime perspective, particularly where their operations may intersect with illegal logging, environmental violations, or sanction-less exposures.
This ESG lens is especially relevant in corresponding banking where the risk is often indirect. If a respondent bank serves clients in high carbon industries and those clients use infrastructure to access the US financial system, we inherit that exposure, taking a more intentional approach to understanding not only our respondent banks, but also who they serve and how their client’s business models align with global ESG expectations.
So let me talk a little bit about how that connects specifically to compliance and KYC. So from an enhanced due diligence perspective, we must consider sectoral risk, especially for banks serving high carbon output clients. Transaction monitoring rules need to flag patterns consistent with ESG red flags, like large payments to or from jurisdictions known for environmental exploitation. Reputational risk is heightened when correspondent banks are tied to controversial industries with high emissions or poor sustainability records. And finally, sanctions screening increasingly includes ESG linked designations, especially where environmental crime and corruption overlap.
For example, illegal logging operations tied to sanctioned individuals. So failing to properly integrate ESG into your AML framework increases reputational financial risks, as I just mentioned, and can expose the institution to regulatory scrutiny. Particularly if those ESG blind spots overlap with corruption, sanctions violations, or environmental crimes. Unlike earlier years where periodic reviews or basic risk scoring suffice, regulators now expect a more real-time intelligence driven approach.
To meet these expectations, I focused on cross functional collaborations with audit and technical teams, building KYC protocols that are nimble, measurable, and sustainable. And I also advocate for consistent up-skilling across the team.
Training and learning is so important in this day and age. Training isn’t optional anymore. It’s essential. And I think 2025 has really solidified that compliance must be both agile and forward-looking.
Julie DiMauro: Karen, it’s so funny when you bring up 2025 and anything that might’ve changed from last year to this year. I didn’t actually expect you to go down the ESG route!
Karen Brown: Yes.
Julie DiMauro: But there’s still a focus there in terms of forced labor, human rights, right, and carbon emissions?
Karen Brown: Correct. And also, because it’s also related or linked to oil and gas companies and other types of entities that have correspondent banking as part of their product suite, it’s important to understand and know what that footprint looks like.
Julie DiMauro: I want to ask you a little bit about the unique challenges in the AML, and more specifically, the Know Your Customer KYC space over the past several years, especially in terms of training which you brought up, technology and the skill sets required of your team.
Karen Brown: Sure. Great question, Julie. So, the KYC space has had to evolve rapidly, especially with increasing regulatory scrutiny and the growing sophistication of financial crime. One major challenge is the skill gap between the legacy KYC practices and what modern compliance requires today. We’re not just collecting documentation anymore. We’re assessing behavioral risk, geopolitical risk, and digital footprints.
That means training has to go deeper and technology has to be leveraged more effectively. You need analysts who can think critically and not just check the boxes.
Julie DiMauro: That totally makes sense. Now your firm just went through a time-consuming exam by a US bank regulator in a high-level way. Can you just tell us a little bit about what that process entailed, how you deal with the business interruption it presents, and does it offer some rewards on the other side of it?
Karen Brown: Yeah, that’s a… You’re right. We just came out of our annual examination with our regulator, and I have to say, not just specific to where I’m currently located, but historically, that’s always been an eventful process. So, regulatory exams are, as I was about to say, a marathon. Months of preps, walk-throughs, documents, submissions, interviews, and follow-ups.
The challenge is balancing transparency and precision while still keeping daily operations moving. What I’ve learned is to treat exams as a diagnostic tool, not just for the regulator, but for your own institution. If you’re open to the process, it can expose systemic weaknesses and give you leverage to secure more internal resources. In our case, it helped to reinforce the importance of KYC remediation and allowed us to rebuild the program with broader institutional buy-in.
So with all that being said, as I mentioned at the beginning, our regulatory environment is consistently changing, and the regulators want to make sure and ensure that you are evolving around those specific changes and how you’re integrating it into your BAU as part of your daily processes and procedures.
Julie DiMauro: Do you find that the regulator expects and welcomes a dialogue throughout the year, though, and in between these inspections?
Karen Brown: They absolutely do. In fact, regulators will quietly suggest that keeping a good amicable relationship between the two to understand that we are meeting the current needs of the industry, it will cultivate a healthy relationship with the regulators.
Julie DiMauro: And that’s welcome. What are the unique challenges of working at a correspondent bank? And please, for my readers, that might not be acquainted with correspondent banking, can you explain what that is?
Karen Brown: Sure. So correspondent banking is when a bank is leveraging an institution on behalf of their customers. And from my perspective, we are leveraging customers who are doing business with our products and services in other continents. So with that being said, correspondent banking presents heightened risks just by the nature of it. You’re often dealing with indirect customers and cross-border financial flows.
This means due diligence isn’t just about knowing your customer, but knowing your customer’s customer. And sometimes even further, at our institution, we’ve implemented a deep dive process where we specifically analyze our customer’s customer’s activity by reviewing their transactions and ensuring that the stated account purpose aligns with the actual activity.
The challenge is maintaining trust with our respondent banks while upholding rigorous AML standards. We have to be culturally aware, politically informed, and diplomatically firm all at the same time. Not an easy ball to juggle.
Julie DiMauro: I can imagine. Now, you told me that you experienced the process of implementing reforms recommended by an appointed compliance monitor at a large bank prior to this role. Can you describe what your role in that process was and what you learned from that experience?
Karen Brown: Sure, absolutely. So one of the things that we needed to do, and this relates specifically when I was working overseas at a large financial institution, banking institution, because of footprints, the footprint was a global footprint. We were responsible for creating a standard across all of our entities and all of our subsidiaries.
So what we implemented was a global standard. What the focus was going in and speaking with the compliance and the legal teams from each of our different subsidiaries to first do a gap analysis and understand what that gap analysis was, right, and processes and procedures. And then once we understood what the gap was, it was raising those standards up to a global standard where, although there were specific nuances within each of the different countries, we had one specific standard across all. And that allowed for a little bit of flexibility in terms of certain legal regulations within each country.
So that experience was pivotal in shaping how I lead today, actually, Julie. I serve as a key liaison between the monitor and the internal stakeholders. Translating the monitor’s recommendations into practical and actionable steps. I learned how to navigate competing priorities, manage remediation timelines, and most importantly, how to keep morale high because it’s not very easy when not only are you trying to meet the needs of the regulators, but also stay on point with the day-to-day needs of the business. So basically, during these high periods of intense scrutiny, it helps to internalize and understand how culture, governance, and tone from the top can either empower or limit real compliance change.
Julie DiMauro: Terrific. Now, Karen, you and I had talked about how AML just inevitably includes an examination of other financial crimes, from bribery to terrorist financing and others. And you were telling me your organizing framework around monitoring the risks of each of these has to do with people, processes, and systems. Can you explain what you mean by that?
Karen Brown: Sure. When I say people, processes, and systems, I’m referring to the three pillars of any sustainable compliance program. People need to be skilled, empowered, and accountable. Processes must be risk-based, repeatable, and auditable. And systems must be scalable and agile enough to respond to change. Whether you’re dealing with sanctions fraud or terrorist financing, this framework anchors your response and provides the structure needed to adapt effectively.
So understanding those three pillars will then help you to cultivate not only the right tools, the right people, and also the right training. And it’s a top-down approach and a bottom-up, because as our managers and our leadership are managing us, we’re also managing them as well with the day-to-day practices and making them aware of what the current environment looks like.
Julie DiMauro: That totally makes sense. You can have all the best technology in the world, but if your people don’t have the trust and the training, the skill sets, again, back to kind of the relationships, and you’ve talked about morale, it’s not going to work. So all three pillars need to be full steam ahead.
Karen Brown: Yes. You touched on a critical point, which I mentioned earlier, morale is the biggest thing, because that’s what people lose first and foremost in a very rigorous, very intense environment where you have to be up to standards. You have to be aware of what the current regulatory framework looks like, and then implementing that.
So being able to pull all those things together, but at the top of it, making sure that morale is high and being supportive of your team with that infrastructure makes you that much more successful and effective.
Julie DiMauro: Absolutely. Now, looking back at your work experience and your participation in what you and I have called the large but also small compliance community that exists in our country, what have you learned? And what would your advice be for other compliance professionals, especially those just starting out?
Karen Brown: Yeah, that’s a great question, Julie. I’ve learned that relationships are everything in this space. The compliance community is smaller than people think, and your reputation follows you.
My advice, lead with integrity, stay teachable, and don’t be afraid to ask questions. Also, don’t underestimate the value of mentorship. Compliance can be heavy, so having people who believe in you and guide you through it is priceless. We all rise faster when we rise together.
Julie DiMauro: Wow, I love that.
Karen Brown: Thank you.
Julie DiMauro: Karen, I want to give you the chance to express any final thoughts here that might have come up in your own mind as we talk today before we conclude here.
Karen Brown: I just like to say that compliance is no longer a back office function. I remember those days, and we are far past that. It’s a business enabler. If done right, it builds trust, opens markets, and protects not just institution, but people.
I’m grateful to be a part of this evolving space and even more grateful to be having these conversations, and I’m so grateful, and I thank you, Julie, for this opportunity.
Julie DiMauro: I want to thank you so much for sharing your incredibly useful insights with all of us being on this GRIP Podcast program today. And I want to thank our listeners for tuning in as ever. Please explore our articles and other podcasts at grip.globalrelay.com, and please tell your colleagues about us. We’ll see you back here for another podcast session soon. Thank you again, Karen Brown.
Karen Brown: And thank you so much, Julie, for having me.
